1a8e1175bSopenharmony_ci## This file contains a record of how some of the test data was 2a8e1175bSopenharmony_ci## generated. The final build products are committed to the repository 3a8e1175bSopenharmony_ci## as well to make sure that the test data is identical. You do not 4a8e1175bSopenharmony_ci## need to use this makefile unless you're extending Mbed TLS's tests. 5a8e1175bSopenharmony_ci 6a8e1175bSopenharmony_ci## Many data files were generated prior to the existence of this 7a8e1175bSopenharmony_ci## makefile, so the method of their generation was not recorded. 8a8e1175bSopenharmony_ci 9a8e1175bSopenharmony_ci## Note that in addition to depending on the version of the data 10a8e1175bSopenharmony_ci## generation tool, many of the build outputs are randomized, so 11a8e1175bSopenharmony_ci## running this makefile twice would not produce the same results. 12a8e1175bSopenharmony_ci 13a8e1175bSopenharmony_ci## Tools 14a8e1175bSopenharmony_ciOPENSSL ?= openssl 15a8e1175bSopenharmony_ciFAKETIME ?= faketime 16a8e1175bSopenharmony_ci 17a8e1175bSopenharmony_ciTOP_DIR = ../.. 18a8e1175bSopenharmony_ciMBEDTLS_CERT_WRITE ?= $(TOP_DIR)/programs/x509/cert_write 19a8e1175bSopenharmony_ciMBEDTLS_CERT_REQ ?= $(TOP_DIR)/programs/x509/cert_req 20a8e1175bSopenharmony_ci 21a8e1175bSopenharmony_ci 22a8e1175bSopenharmony_ci## Build the generated test data. Note that since the final outputs 23a8e1175bSopenharmony_ci## are committed to the repository, this target should do nothing on a 24a8e1175bSopenharmony_ci## fresh checkout. Furthermore, since the generation is randomized, 25a8e1175bSopenharmony_ci## re-running the same targets may result in differing files. The goal 26a8e1175bSopenharmony_ci## of this makefile is primarily to serve as a record of how the 27a8e1175bSopenharmony_ci## targets were generated in the first place. 28a8e1175bSopenharmony_cidefault: all_final 29a8e1175bSopenharmony_ci 30a8e1175bSopenharmony_ciall_intermediate := # temporary files 31a8e1175bSopenharmony_ciall_final := # files used by tests 32a8e1175bSopenharmony_ci 33a8e1175bSopenharmony_ci 34a8e1175bSopenharmony_ci 35a8e1175bSopenharmony_ci################################################################ 36a8e1175bSopenharmony_ci#### Generate certificates from existing keys 37a8e1175bSopenharmony_ci################################################################ 38a8e1175bSopenharmony_ci 39a8e1175bSopenharmony_citest_ca_crt = test-ca.crt 40a8e1175bSopenharmony_citest_ca_key_file_rsa = test-ca.key 41a8e1175bSopenharmony_citest_ca_key_file_rsa_unenc = test-ca_unenc.key 42a8e1175bSopenharmony_citest_ca_pwd_rsa = PolarSSLTest 43a8e1175bSopenharmony_citest_ca_config_file = test-ca.opensslconf 44a8e1175bSopenharmony_ci 45a8e1175bSopenharmony_ci$(test_ca_key_file_rsa): 46a8e1175bSopenharmony_ci $(OPENSSL) genrsa -aes-128-cbc -passout pass:$(test_ca_pwd_rsa) -out $@ 2048 47a8e1175bSopenharmony_ci$(test_ca_key_file_rsa_unenc): $(test_ca_key_file_rsa) 48a8e1175bSopenharmony_ci $(OPENSSL) rsa -passin pass:$(test_ca_pwd_rsa) -in $< -out $@ 49a8e1175bSopenharmony_ciall_final += $(test_ca_key_file_rsa) $(test_ca_key_file_rsa_unenc) 50a8e1175bSopenharmony_ci 51a8e1175bSopenharmony_citest-ca.req.sha256: $(test_ca_key_file_rsa) 52a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_rsa) password=$(test_ca_pwd_rsa) subject_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" md=SHA256 53a8e1175bSopenharmony_ciall_intermediate += test-ca.req.sha256 54a8e1175bSopenharmony_ci 55a8e1175bSopenharmony_ciparse_input/test-ca.crt test-ca.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 56a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@ 57a8e1175bSopenharmony_ciall_final += test-ca.crt 58a8e1175bSopenharmony_ci 59a8e1175bSopenharmony_ciparse_input/test-ca.crt.der: parse_input/test-ca.crt 60a8e1175bSopenharmony_ci $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ 61a8e1175bSopenharmony_ci 62a8e1175bSopenharmony_citest-ca.key.der: $(test_ca_key_file_rsa) 63a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER -passin "pass:$(test_ca_pwd_rsa)" 64a8e1175bSopenharmony_ciall_final += test-ca.key.der 65a8e1175bSopenharmony_ci 66a8e1175bSopenharmony_ci# This is only used for generating cert_example_multi_nocn.crt 67a8e1175bSopenharmony_citest-ca_nocn.crt: $(test_ca_key_file_rsa) 68a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 selfsign=1 \ 69a8e1175bSopenharmony_ci subject_key=$(test_ca_key_file_rsa) subject_pwd=$(test_ca_pwd_rsa) subject_name="C=NL" \ 70a8e1175bSopenharmony_ci issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) issuer_name="C=NL" \ 71a8e1175bSopenharmony_ci not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@ 72a8e1175bSopenharmony_ciall_intermediate += test-ca_nocn.crt 73a8e1175bSopenharmony_ci 74a8e1175bSopenharmony_citest-ca-sha1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 75a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@ 76a8e1175bSopenharmony_ciall_final += test-ca-sha1.crt 77a8e1175bSopenharmony_ci 78a8e1175bSopenharmony_citest-ca-sha1.crt.der: test-ca-sha1.crt 79a8e1175bSopenharmony_ci $(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER 80a8e1175bSopenharmony_ciall_final += test-ca-sha1.crt.der 81a8e1175bSopenharmony_ci 82a8e1175bSopenharmony_citest-ca-sha256.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 83a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@ 84a8e1175bSopenharmony_ciall_final += test-ca-sha256.crt 85a8e1175bSopenharmony_ci 86a8e1175bSopenharmony_citest-ca-sha256.crt.der: test-ca-sha256.crt 87a8e1175bSopenharmony_ci $(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER 88a8e1175bSopenharmony_ciall_final += test-ca-sha256.crt.der 89a8e1175bSopenharmony_ci 90a8e1175bSopenharmony_citest-ca_utf8.crt: $(test_ca_key_file_rsa) 91a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -new -nodes -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 3 -config $(test_ca_config_file) -sha1 -days 3653 -utf8 -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@ 92a8e1175bSopenharmony_ciall_final += test-ca_utf8.crt 93a8e1175bSopenharmony_ci 94a8e1175bSopenharmony_citest-ca_printable.crt: $(test_ca_key_file_rsa) 95a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -new -nodes -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 3 -config $(test_ca_config_file) -sha1 -days 3653 -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@ 96a8e1175bSopenharmony_ciall_final += test-ca_printable.crt 97a8e1175bSopenharmony_ci 98a8e1175bSopenharmony_citest-ca_uppercase.crt: $(test_ca_key_file_rsa) 99a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -new -nodes -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 3 -config $(test_ca_config_file) -sha1 -days 3653 -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@ 100a8e1175bSopenharmony_ciall_final += test-ca_uppercase.crt 101a8e1175bSopenharmony_ci 102a8e1175bSopenharmony_citest_ca_key_file_rsa_alt = test-ca-alt.key 103a8e1175bSopenharmony_ci 104a8e1175bSopenharmony_cicert_example_multi.csr: rsa_pkcs1_1024_clear.pem 105a8e1175bSopenharmony_ci $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=www.example.com" -set_serial 17 -config $(test_ca_config_file) -extensions dns_alt_names -days 3650 -key rsa_pkcs1_1024_clear.pem -out $@ 106a8e1175bSopenharmony_ci 107a8e1175bSopenharmony_ciparse_input/cert_example_multi.crt cert_example_multi.crt: cert_example_multi.csr 108a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ 109a8e1175bSopenharmony_ci -extfile $(test_ca_config_file) -extensions dns_alt_names \ 110a8e1175bSopenharmony_ci -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 \ 111a8e1175bSopenharmony_ci -in $< > $@ 112a8e1175bSopenharmony_ci 113a8e1175bSopenharmony_cicert_example_multi_nocn.csr: rsa_pkcs1_1024_clear.pem 114a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) filename=$< output_file=$@ subject_name='C=NL' 115a8e1175bSopenharmony_ciall_intermediate += cert_example_multi_nocn.csr 116a8e1175bSopenharmony_ci 117a8e1175bSopenharmony_ciparse_input/cert_example_multi_nocn.crt cert_example_multi_nocn.crt: cert_example_multi_nocn.csr test-ca_nocn.crt 118a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -CA test-ca_nocn.crt -CAkey $(test_ca_key_file_rsa) \ 119a8e1175bSopenharmony_ci -extfile $(test_ca_config_file) -extensions ext_multi_nocn -passin "pass:$(test_ca_pwd_rsa)" \ 120a8e1175bSopenharmony_ci -set_serial 0xf7c67ff8e9a963f9 -days 3653 -sha1 -in $< > $@ 121a8e1175bSopenharmony_ciall_final += cert_example_multi_nocn.crt 122a8e1175bSopenharmony_ci 123a8e1175bSopenharmony_ciparse_input/test_csr_v3_keyUsage.csr.der: rsa_pkcs1_1024_clear.pem 124a8e1175bSopenharmony_ci $(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_keyUsage 125a8e1175bSopenharmony_ciparse_input/test_csr_v3_subjectAltName.csr.der: rsa_pkcs1_1024_clear.pem 126a8e1175bSopenharmony_ci $(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_subjectAltName 127a8e1175bSopenharmony_ciparse_input/test_csr_v3_nsCertType.csr.der: rsa_pkcs1_1024_clear.pem 128a8e1175bSopenharmony_ci $(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_nsCertType 129a8e1175bSopenharmony_ciparse_input/test_csr_v3_all.csr.der: rsa_pkcs1_1024_clear.pem 130a8e1175bSopenharmony_ci $(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_all 131a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_extensions_sequence_tag.csr.der: parse_input/test_csr_v3_all.csr.der 132a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/300B0603551D0F040403/200B0603551D0F040403/" | xxd -r -p ) > $@ 133a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_extension_id_tag.csr.der: parse_input/test_csr_v3_all.csr.der 134a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/0603551D0F0404030201/0703551D0F0404030201/" | xxd -r -p ) > $@ 135a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_extension_data_tag.csr.der: parse_input/test_csr_v3_all.csr.der 136a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/040403020102302F0603/050403020102302F0603/" | xxd -r -p ) > $@ 137a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_extension_data_len1.csr.der: parse_input/test_csr_v3_all.csr.der 138a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/040403020102302F0603/040503020102302F0603/" | xxd -r -p ) > $@ 139a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_extension_data_len2.csr.der: parse_input/test_csr_v3_all.csr.der 140a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/040403020102302F0603/040303020102302F0603/" | xxd -r -p ) > $@ 141a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_extension_key_usage_bitstream_tag.csr.der: parse_input/test_csr_v3_all.csr.der 142a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/03020102302F0603551D/04020102302F0603551D/" | xxd -r -p ) > $@ 143a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_extension_subject_alt_name_sequence_tag.csr.der: parse_input/test_csr_v3_all.csr.der 144a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/3026A02406082B060105/4026A02406082B060105/" | xxd -r -p ) > $@ 145a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr.der: parse_input/test_csr_v3_all.csr.der 146a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/03020780300D06092A86/04020780300D06092A86/" | xxd -r -p ) > $@ 147a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_duplicated_extension.csr.der: parse_input/test_csr_v3_all.csr.der 148a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/551D11/551D0F/" | xxd -r -p ) > $@ 149a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_extension_type_oid.csr.der: parse_input/test_csr_v3_all.csr.der 150a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/551D11/551DFF/" | xxd -r -p ) > $@ 151a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_attributes_sequence_tag.csr.der: parse_input/test_csr_v3_all.csr.der 152a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/306006092A864886F70D/406006092A864886F70D/" | xxd -r -p ) > $@ 153a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_attributes_id_tag.csr.der: parse_input/test_csr_v3_all.csr.der 154a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/06092A864886F70D0109/07092A864886F70D0109/" | xxd -r -p ) > $@ 155a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_attributes_extension_request.csr.der: parse_input/test_csr_v3_all.csr.der 156a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/2A864886F70D01090E/2A864886F70D01090F/" | xxd -r -p ) > $@ 157a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_attributes_extension_request_set_tag.csr.der: parse_input/test_csr_v3_all.csr.der 158a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/31533051300B0603551D/32533051300B0603551D/" | xxd -r -p ) > $@ 159a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_tag.csr.der: parse_input/test_csr_v3_all.csr.der 160a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3151300B0603551D0F04/" | xxd -r -p ) > $@ 161a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_attributes_len1.csr.der: parse_input/test_csr_v3_all.csr.der 162a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/306006092A864886F70D/306106092A864886F70D/" | xxd -r -p ) > $@ 163a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_attributes_len2.csr.der: parse_input/test_csr_v3_all.csr.der 164a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/306006092A864886F70D/305906092A864886F70D/" | xxd -r -p ) > $@ 165a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr.der: parse_input/test_csr_v3_all.csr.der 166a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3052300B0603551D0F04/" | xxd -r -p ) > $@ 167a8e1175bSopenharmony_ciparse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr.der: parse_input/test_csr_v3_all.csr.der 168a8e1175bSopenharmony_ci (hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3050300B0603551D0F04/" | xxd -r -p ) > $@ 169a8e1175bSopenharmony_ci 170a8e1175bSopenharmony_ciparse_input/test_cert_rfc822name.crt.der: cert_example_multi.csr 171a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -outform DER -extensions rfc822name_names -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 -in $< > $@ 172a8e1175bSopenharmony_ci 173a8e1175bSopenharmony_ci$(test_ca_key_file_rsa_alt):test-ca.opensslconf 174a8e1175bSopenharmony_ci $(OPENSSL) genrsa -out $@ 2048 175a8e1175bSopenharmony_citest-ca-alt.csr: $(test_ca_key_file_rsa_alt) $(test_ca_config_file) 176a8e1175bSopenharmony_ci $(OPENSSL) req -new -config $(test_ca_config_file) -key $(test_ca_key_file_rsa_alt) -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@ 177a8e1175bSopenharmony_ciall_intermediate += test-ca-alt.csr 178a8e1175bSopenharmony_citest-ca-alt.crt: $(test_ca_key_file_rsa_alt) $(test_ca_config_file) test-ca-alt.csr 179a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -config $(test_ca_config_file) -key $(test_ca_key_file_rsa_alt) -set_serial 0 -days 3653 -sha256 -in test-ca-alt.csr -out $@ 180a8e1175bSopenharmony_ciall_final += test-ca-alt.crt 181a8e1175bSopenharmony_citest-ca-alt-good.crt: test-ca-alt.crt test-ca-sha256.crt 182a8e1175bSopenharmony_ci cat test-ca-alt.crt test-ca-sha256.crt > $@ 183a8e1175bSopenharmony_ciall_final += test-ca-alt-good.crt 184a8e1175bSopenharmony_citest-ca-good-alt.crt: test-ca-alt.crt test-ca-sha256.crt 185a8e1175bSopenharmony_ci cat test-ca-sha256.crt test-ca-alt.crt > $@ 186a8e1175bSopenharmony_ciall_final += test-ca-good-alt.crt 187a8e1175bSopenharmony_ci 188a8e1175bSopenharmony_citest_ca_crt_file_ec = test-ca2.crt 189a8e1175bSopenharmony_citest_ca_key_file_ec = test-ca2.key 190a8e1175bSopenharmony_ci 191a8e1175bSopenharmony_citest-ca2.req.sha256: $(test_ca_key_file_ec) 192a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) \ 193a8e1175bSopenharmony_ci subject_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" md=SHA256 194a8e1175bSopenharmony_ciall_intermediate += test-ca2.req.sha256 195a8e1175bSopenharmony_ci 196a8e1175bSopenharmony_citest-ca2.crt: $(test_ca_key_file_ec) test-ca2.req.sha256 197a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 selfsign=1 \ 198a8e1175bSopenharmony_ci request_file=test-ca2.req.sha256 \ 199a8e1175bSopenharmony_ci issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" \ 200a8e1175bSopenharmony_ci issuer_key=$(test_ca_key_file_ec) \ 201a8e1175bSopenharmony_ci not_before=20190210144400 not_after=20290210144400 \ 202a8e1175bSopenharmony_ci md=SHA256 version=3 output_file=$@ 203a8e1175bSopenharmony_ciall_final += test-ca2.crt 204a8e1175bSopenharmony_ci 205a8e1175bSopenharmony_citest-ca2.ku-%.crt: test-ca2.ku-%.crt.openssl.v3_ext $(test_ca_key_file_ec) test-ca2.req.sha256 206a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -in test-ca2.req.sha256 -extfile $< \ 207a8e1175bSopenharmony_ci -signkey $(test_ca_key_file_ec) -days 3653 -out $@ 208a8e1175bSopenharmony_ci 209a8e1175bSopenharmony_ciall_final += test-ca2.ku-crl.crt test-ca2.ku-crt.crt test-ca2.ku-crt_crl.crt \ 210a8e1175bSopenharmony_ci test-ca2.ku-ds.crt 211a8e1175bSopenharmony_ci 212a8e1175bSopenharmony_citest-ca2-future.crt: $(test_ca_key_file_ec) test-ca2.req.sha256 213a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 request_file=test-ca2.req.sha256 selfsign=1 \ 214a8e1175bSopenharmony_ci issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" issuer_key=$(test_ca_key_file_ec) \ 215a8e1175bSopenharmony_ci not_before=20290210144400 not_after=20390210144400 md=SHA256 version=3 output_file=$@ 216a8e1175bSopenharmony_ciall_intermediate += test-ca2-future.crt 217a8e1175bSopenharmony_ci 218a8e1175bSopenharmony_citest_ca_ec_cat := # files that concatenate different crt 219a8e1175bSopenharmony_citest-ca2_cat-future-invalid.crt: test-ca2-future.crt server6.crt 220a8e1175bSopenharmony_citest_ca_ec_cat += test-ca2_cat-future-invalid.crt 221a8e1175bSopenharmony_citest-ca2_cat-future-present.crt: test-ca2-future.crt test-ca2.crt 222a8e1175bSopenharmony_citest_ca_ec_cat += test-ca2_cat-future-present.crt 223a8e1175bSopenharmony_citest-ca2_cat-present-future.crt: test-ca2.crt test-ca2-future.crt 224a8e1175bSopenharmony_citest_ca_ec_cat += test-ca2_cat-present-future.crt 225a8e1175bSopenharmony_citest-ca2_cat-present-past.crt: test-ca2.crt test-ca2-expired.crt 226a8e1175bSopenharmony_citest_ca_ec_cat += test-ca2_cat-present-past.crt 227a8e1175bSopenharmony_citest-ca2_cat-past-invalid.crt: test-ca2-expired.crt server6.crt 228a8e1175bSopenharmony_citest_ca_ec_cat += test-ca2_cat-past-invalid.crt 229a8e1175bSopenharmony_citest-ca2_cat-past-present.crt: test-ca2-expired.crt test-ca2.crt 230a8e1175bSopenharmony_citest_ca_ec_cat += test-ca2_cat-past-present.crt 231a8e1175bSopenharmony_ci$(test_ca_ec_cat): 232a8e1175bSopenharmony_ci cat $^ > $@ 233a8e1175bSopenharmony_ciall_final += $(test_ca_ec_cat) 234a8e1175bSopenharmony_ci 235a8e1175bSopenharmony_ciparse_input/test-ca-any_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 236a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca \ 237a8e1175bSopenharmony_ci -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" \ 238a8e1175bSopenharmony_ci -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@ 239a8e1175bSopenharmony_ci 240a8e1175bSopenharmony_ciparse_input/test-ca-any_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256 241a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca \ 242a8e1175bSopenharmony_ci -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 \ 243a8e1175bSopenharmony_ci -in test-ca.req_ec.sha256 -out $@ 244a8e1175bSopenharmony_ci 245a8e1175bSopenharmony_ciparse_input/test-ca-any_policy_with_qualifier.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 246a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_qualifier_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@ 247a8e1175bSopenharmony_ci 248a8e1175bSopenharmony_ciparse_input/test-ca-any_policy_with_qualifier_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256 249a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_qualifier_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@ 250a8e1175bSopenharmony_ci 251a8e1175bSopenharmony_ciparse_input/test-ca-multi_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 252a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_multi_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@ 253a8e1175bSopenharmony_ci 254a8e1175bSopenharmony_ciparse_input/test-ca-multi_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256 255a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_multi_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@ 256a8e1175bSopenharmony_ci 257a8e1175bSopenharmony_ciparse_input/test-ca-unsupported_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 258a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_unsupported_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@ 259a8e1175bSopenharmony_ci 260a8e1175bSopenharmony_ciparse_input/test-ca-unsupported_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256 261a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_unsupported_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@ 262a8e1175bSopenharmony_ci 263a8e1175bSopenharmony_citest-ca.req_ec.sha256: $(test_ca_key_file_ec) 264a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) subject_name="C=NL, O=PolarSSL, CN=Polarssl Test EC CA" md=SHA256 265a8e1175bSopenharmony_ciall_intermediate += test-ca.req_ec.sha256 266a8e1175bSopenharmony_ci 267a8e1175bSopenharmony_citest-ca2.crt.der: $(test_ca_crt_file_ec) 268a8e1175bSopenharmony_ci $(OPENSSL) x509 -in $(test_ca_crt_file_ec) -out $@ -inform PEM -outform DER 269a8e1175bSopenharmony_ciall_final += test-ca2.crt.der 270a8e1175bSopenharmony_ci 271a8e1175bSopenharmony_citest-ca2.key.der: $(test_ca_key_file_ec) 272a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $(test_ca_key_file_ec) -out $@ -inform PEM -outform DER 273a8e1175bSopenharmony_ciall_final += test-ca2.key.der 274a8e1175bSopenharmony_ci 275a8e1175bSopenharmony_citest_ca_crt_cat12 = test-ca_cat12.crt 276a8e1175bSopenharmony_ci$(test_ca_crt_cat12): $(test_ca_crt) $(test_ca_crt_file_ec) 277a8e1175bSopenharmony_ci cat $(test_ca_crt) $(test_ca_crt_file_ec) > $@ 278a8e1175bSopenharmony_ciall_final += $(test_ca_crt_cat12) 279a8e1175bSopenharmony_ci 280a8e1175bSopenharmony_citest_ca_crt_cat21 = test-ca_cat21.crt 281a8e1175bSopenharmony_ci$(test_ca_crt_cat21): $(test_ca_crt) $(test_ca_crt_file_ec) 282a8e1175bSopenharmony_ci cat $(test_ca_crt_file_ec) $(test_ca_crt) > $@ 283a8e1175bSopenharmony_ciall_final += $(test_ca_crt_cat21) 284a8e1175bSopenharmony_ci 285a8e1175bSopenharmony_citest-int-ca.csr: test-int-ca.key $(test_ca_config_file) 286a8e1175bSopenharmony_ci $(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca.key -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test Intermediate CA" -out $@ 287a8e1175bSopenharmony_ci 288a8e1175bSopenharmony_citest-int-ca2.csr: test-int-ca2.key $(test_ca_config_file) 289a8e1175bSopenharmony_ci $(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca2.key \ 290a8e1175bSopenharmony_ci -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test Intermediate EC CA" -out $@ 291a8e1175bSopenharmony_ci 292a8e1175bSopenharmony_citest-int-ca3.csr: test-int-ca3.key $(test_ca_config_file) 293a8e1175bSopenharmony_ci $(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca3.key \ 294a8e1175bSopenharmony_ci -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -out $@ 295a8e1175bSopenharmony_ci 296a8e1175bSopenharmony_ciall_intermediate += test-int-ca.csr test-int-ca2.csr test-int-ca3.csr 297a8e1175bSopenharmony_ci 298a8e1175bSopenharmony_citest-int-ca.crt: $(test_ca_crt_file_ec) $(test_ca_key_file_ec) $(test_ca_config_file) test-int-ca.csr 299a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca \ 300a8e1175bSopenharmony_ci -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \ 301a8e1175bSopenharmony_ci -set_serial 14 -days 3653 -sha256 -in test-int-ca.csr -out $@ 302a8e1175bSopenharmony_ci 303a8e1175bSopenharmony_citest-int-ca2.crt: $(test_ca_key_file_rsa) $(test_ca_crt) $(test_ca_config_file) test-int-ca2.csr 304a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca -CA $(test_ca_crt) \ 305a8e1175bSopenharmony_ci -CAkey $(test_ca_key_file_rsa) -set_serial 15 -days 3653 -sha256 -in test-int-ca2.csr \ 306a8e1175bSopenharmony_ci -passin "pass:$(test_ca_pwd_rsa)" -out $@ 307a8e1175bSopenharmony_ci 308a8e1175bSopenharmony_ci# Note: This requests openssl version >= 3.x.xx 309a8e1175bSopenharmony_citest-int-ca3.crt: test-int-ca2.crt test-int-ca2.key $(test_ca_config_file) test-int-ca3.csr 310a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions no_subj_auth_id \ 311a8e1175bSopenharmony_ci -CA test-int-ca2.crt -CAkey test-int-ca2.key -set_serial 77 -days 3653 \ 312a8e1175bSopenharmony_ci -sha256 -in test-int-ca3.csr -out $@ 313a8e1175bSopenharmony_ci 314a8e1175bSopenharmony_citest-int-ca-exp.crt: $(test_ca_crt_file_ec) $(test_ca_key_file_ec) $(test_ca_config_file) test-int-ca.csr 315a8e1175bSopenharmony_ci $(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) -set_serial 14 -days 3653 -sha256 -in test-int-ca.csr -out $@ 316a8e1175bSopenharmony_ci 317a8e1175bSopenharmony_ciall_final += test-int-ca-exp.crt test-int-ca.crt test-int-ca2.crt test-int-ca3.crt 318a8e1175bSopenharmony_ci 319a8e1175bSopenharmony_cienco-cert-utf8str.pem: rsa_pkcs1_1024_clear.pem 320a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) subject_key=rsa_pkcs1_1024_clear.pem subject_name="CN=dw.yonan.net" issuer_crt=enco-ca-prstr.pem issuer_key=rsa_pkcs1_1024_clear.pem not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ 321a8e1175bSopenharmony_ci 322a8e1175bSopenharmony_ciparse_input/crl-idp.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) 323a8e1175bSopenharmony_ci $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp -out $@ 324a8e1175bSopenharmony_ciparse_input/crl-idpnc.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) 325a8e1175bSopenharmony_ci $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp_nc -out $@ 326a8e1175bSopenharmony_ci 327a8e1175bSopenharmony_cicli_crt_key_file_rsa = cli-rsa.key 328a8e1175bSopenharmony_cicli_crt_extensions_file = cli.opensslconf 329a8e1175bSopenharmony_ci 330a8e1175bSopenharmony_cicli-rsa.csr: $(cli_crt_key_file_rsa) 331a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Client 2" md=SHA1 332a8e1175bSopenharmony_ciall_intermediate += cli-rsa.csr 333a8e1175bSopenharmony_ci 334a8e1175bSopenharmony_cicli-rsa-sha1.crt: cli-rsa.csr 335a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ 336a8e1175bSopenharmony_ci 337a8e1175bSopenharmony_cicli-rsa-sha256.crt: cli-rsa.csr 338a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@ 339a8e1175bSopenharmony_ciall_final += cli-rsa-sha256.crt 340a8e1175bSopenharmony_ci 341a8e1175bSopenharmony_cicli-rsa-sha256.crt.der: cli-rsa-sha256.crt 342a8e1175bSopenharmony_ci $(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER 343a8e1175bSopenharmony_ciall_final += cli-rsa-sha256.crt.der 344a8e1175bSopenharmony_ci 345a8e1175bSopenharmony_ciparse_input/cli-rsa-sha256-badalg.crt.der: cli-rsa-sha256.crt.der 346a8e1175bSopenharmony_ci hexdump -ve '1/1 "%.2X"' $< | sed "s/06092A864886F70D01010B0500/06092A864886F70D01010B0900/2" | xxd -r -p > $@ 347a8e1175bSopenharmony_ci 348a8e1175bSopenharmony_cicli-rsa.key.der: $(cli_crt_key_file_rsa) 349a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER 350a8e1175bSopenharmony_ciall_final += cli-rsa.key.der 351a8e1175bSopenharmony_ci 352a8e1175bSopenharmony_citest_ca_int_rsa1 = test-int-ca.crt 353a8e1175bSopenharmony_citest_ca_int_ec = test-int-ca2.crt 354a8e1175bSopenharmony_citest_ca_int_key_file_ec = test-int-ca2.key 355a8e1175bSopenharmony_ci 356a8e1175bSopenharmony_ci# server7* 357a8e1175bSopenharmony_ci 358a8e1175bSopenharmony_ciserver7.csr: server7.key 359a8e1175bSopenharmony_ci $(OPENSSL) req -new -key server7.key -subj "/C=NL/O=PolarSSL/CN=localhost" -out $@ 360a8e1175bSopenharmony_ciall_intermediate += server7.csr 361a8e1175bSopenharmony_ci 362a8e1175bSopenharmony_ciserver7.crt: server7.csr $(test_ca_int_rsa1) 363a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ 364a8e1175bSopenharmony_ci -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key \ 365a8e1175bSopenharmony_ci -set_serial 16 -days 3653 -sha256 -in server7.csr > $@ 366a8e1175bSopenharmony_ciall_final += server7.crt 367a8e1175bSopenharmony_ci 368a8e1175bSopenharmony_ciserver7-expired.crt: server7.csr $(test_ca_int_rsa1) 369a8e1175bSopenharmony_ci $(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@ 370a8e1175bSopenharmony_ciall_final += server7-expired.crt 371a8e1175bSopenharmony_ci 372a8e1175bSopenharmony_ciserver7-future.crt: server7.csr $(test_ca_int_rsa1) 373a8e1175bSopenharmony_ci $(FAKETIME) -f +3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@ 374a8e1175bSopenharmony_ciall_final += server7-future.crt 375a8e1175bSopenharmony_ci 376a8e1175bSopenharmony_ciserver7-badsign.crt: server7.crt $(test_ca_int_rsa1) 377a8e1175bSopenharmony_ci { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; cat $(test_ca_int_rsa1); } > $@ 378a8e1175bSopenharmony_ciall_final += server7-badsign.crt 379a8e1175bSopenharmony_ci 380a8e1175bSopenharmony_ciparse_input/server7_int-ca.crt server7_int-ca.crt: server7.crt $(test_ca_int_rsa1) 381a8e1175bSopenharmony_ci cat server7.crt $(test_ca_int_rsa1) > $@ 382a8e1175bSopenharmony_ciall_final += server7_int-ca.crt 383a8e1175bSopenharmony_ci 384a8e1175bSopenharmony_ciparse_input/server7_pem_space.crt: server7.crt $(test_ca_int_rsa1) 385a8e1175bSopenharmony_ci cat server7.crt $(test_ca_int_rsa1) | sed '4s/\(.\)$$/ \1/' > $@ 386a8e1175bSopenharmony_ci 387a8e1175bSopenharmony_ciparse_input/server7_all_space.crt: server7.crt $(test_ca_int_rsa1) 388a8e1175bSopenharmony_ci { cat server7.crt | sed '4s/\(.\)$$/ \1/'; cat test-int-ca.crt | sed '4s/\(.\)$$/ \1/'; } > $@ 389a8e1175bSopenharmony_ci 390a8e1175bSopenharmony_ciparse_input/server7_trailing_space.crt: server7.crt $(test_ca_int_rsa1) 391a8e1175bSopenharmony_ci cat server7.crt $(test_ca_int_rsa1) | sed 's/\(.\)$$/\1 /' > $@ 392a8e1175bSopenharmony_ci 393a8e1175bSopenharmony_ciserver7_int-ca_ca2.crt: server7.crt $(test_ca_int_rsa1) $(test_ca_crt_file_ec) 394a8e1175bSopenharmony_ci cat server7.crt $(test_ca_int_rsa1) $(test_ca_crt_file_ec) > $@ 395a8e1175bSopenharmony_ciall_final += server7_int-ca_ca2.crt 396a8e1175bSopenharmony_ci 397a8e1175bSopenharmony_ciserver7_int-ca-exp.crt: server7.crt test-int-ca-exp.crt 398a8e1175bSopenharmony_ci cat server7.crt test-int-ca-exp.crt > $@ 399a8e1175bSopenharmony_ciall_final += server7_int-ca-exp.crt 400a8e1175bSopenharmony_ci 401a8e1175bSopenharmony_ciserver7_spurious_int-ca.crt: server7.crt $(test_ca_int_ec) $(test_ca_int_rsa1) 402a8e1175bSopenharmony_ci cat server7.crt $(test_ca_int_ec) $(test_ca_int_rsa1) > $@ 403a8e1175bSopenharmony_ciall_final += server7_spurious_int-ca.crt 404a8e1175bSopenharmony_ci 405a8e1175bSopenharmony_ci# server8* 406a8e1175bSopenharmony_ci 407a8e1175bSopenharmony_ciserver8.crt: server8.key 408a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL, O=PolarSSL, CN=localhost" serial=17 \ 409a8e1175bSopenharmony_ci issuer_crt=$(test_ca_int_ec) issuer_key=$(test_ca_int_key_file_ec) \ 410a8e1175bSopenharmony_ci not_before=20190210144406 not_after=20290210144406 \ 411a8e1175bSopenharmony_ci md=SHA256 version=3 output_file=$@ 412a8e1175bSopenharmony_ciall_final += server8.crt 413a8e1175bSopenharmony_ci 414a8e1175bSopenharmony_ciserver8_int-ca2.crt: server8.crt $(test_ca_int_ec) 415a8e1175bSopenharmony_ci cat $^ > $@ 416a8e1175bSopenharmony_ciall_final += server8_int-ca2.crt 417a8e1175bSopenharmony_ci 418a8e1175bSopenharmony_cicli2.req.sha256: cli2.key 419a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Test Client 2" md=SHA256 420a8e1175bSopenharmony_ciall_intermediate += cli2.req.sha256 421a8e1175bSopenharmony_ci 422a8e1175bSopenharmony_ciall_final += server1.req.sha1 423a8e1175bSopenharmony_cicli2.crt: cli2.req.sha256 424a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=cli2.req.sha256 serial=13 selfsign=0 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test EC CA" issuer_key=$(test_ca_key_file_ec) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@ 425a8e1175bSopenharmony_ciall_final += cli2.crt 426a8e1175bSopenharmony_ci 427a8e1175bSopenharmony_cicli2.crt.der: cli2.crt 428a8e1175bSopenharmony_ci $(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER 429a8e1175bSopenharmony_ciall_final += cli2.crt.der 430a8e1175bSopenharmony_ci 431a8e1175bSopenharmony_cicli2.key.der: cli2.key 432a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER 433a8e1175bSopenharmony_ciall_final += cli2.key.der 434a8e1175bSopenharmony_ci 435a8e1175bSopenharmony_ciserver5_pwd_ec = PolarSSLTest 436a8e1175bSopenharmony_ci 437a8e1175bSopenharmony_ciserver5.crt.der: server5.crt 438a8e1175bSopenharmony_ci $(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER 439a8e1175bSopenharmony_ciall_final += server5.crt.der 440a8e1175bSopenharmony_ci 441a8e1175bSopenharmony_ciserver5.key.der: server5.key 442a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER 443a8e1175bSopenharmony_ciall_final += server5.key.der 444a8e1175bSopenharmony_ci 445a8e1175bSopenharmony_ciserver5.key.enc: server5.key 446a8e1175bSopenharmony_ci $(OPENSSL) ec -aes256 -in $< -out $@ -passout "pass:$(server5_pwd_ec)" 447a8e1175bSopenharmony_ciall_final += server5.key.enc 448a8e1175bSopenharmony_ci 449a8e1175bSopenharmony_ciserver5-ss-expired.crt: server5.key 450a8e1175bSopenharmony_ci $(FAKETIME) -f -3653d $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/OU=testsuite/CN=localhost" -days 3653 -sha256 -key $< -out $@ 451a8e1175bSopenharmony_ciall_final += server5-ss-expired.crt 452a8e1175bSopenharmony_ci 453a8e1175bSopenharmony_ci# try to forge a copy of test-int-ca3 with different key 454a8e1175bSopenharmony_ciserver5-ss-forgeca.crt: server5.key 455a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" \ 456a8e1175bSopenharmony_ci -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca \ 457a8e1175bSopenharmony_ci -days 3650 -sha256 -key $< -out $@ 458a8e1175bSopenharmony_ciall_final += server5-ss-forgeca.crt 459a8e1175bSopenharmony_ci 460a8e1175bSopenharmony_ciserver5-selfsigned.crt: server5.key 461a8e1175bSopenharmony_ci openssl req -x509 -key server5.key \ 462a8e1175bSopenharmony_ci -sha256 -days 3650 -nodes \ 463a8e1175bSopenharmony_ci -addext basicConstraints=critical,CA:FALSE \ 464a8e1175bSopenharmony_ci -addext keyUsage=critical,digitalSignature \ 465a8e1175bSopenharmony_ci -addext subjectKeyIdentifier=hash \ 466a8e1175bSopenharmony_ci -addext authorityKeyIdentifier=none \ 467a8e1175bSopenharmony_ci -set_serial 0x53a2cb4b124ead837da894b2 \ 468a8e1175bSopenharmony_ci -subj "/CN=selfsigned/OU=testing/O=PolarSSL/C=NL" \ 469a8e1175bSopenharmony_ci -out $@ 470a8e1175bSopenharmony_ciall_final += server5-selfsigned.crt 471a8e1175bSopenharmony_ci 472a8e1175bSopenharmony_ciparse_input/server5-othername.crt.der: server5.key 473a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions othername_san -days 3650 -sha256 -key $< -outform der -out $@ 474a8e1175bSopenharmony_ci 475a8e1175bSopenharmony_ciparse_input/server5-nonprintable_othername.crt.der: server5.key 476a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS non-printable othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions nonprintable_othername_san -days 3650 -sha256 -key $< -outform der -out $@ 477a8e1175bSopenharmony_ci 478a8e1175bSopenharmony_ciparse_input/server5-unsupported_othername.crt.der: server5.key 479a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS unsupported othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions unsupported_othername_san -days 3650 -sha256 -key $< -outform der -out $@ 480a8e1175bSopenharmony_ci 481a8e1175bSopenharmony_ciparse_input/server5-fan.crt.der: server5.key 482a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS FAN" -set_serial 77 -config $(test_ca_config_file) -extensions fan_cert -days 3650 -sha256 -key server5.key -outform der -out $@ 483a8e1175bSopenharmony_ci 484a8e1175bSopenharmony_ciserver5-tricky-ip-san.crt.der: server5.key 485a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS Tricky IP SAN" -set_serial 77 -config $(test_ca_config_file) -extensions tricky_ip_san -days 3650 -sha256 -key server5.key -outform der -out $@ 486a8e1175bSopenharmony_ci 487a8e1175bSopenharmony_ciall_final += server5-tricky-ip-san.crt.der 488a8e1175bSopenharmony_ci 489a8e1175bSopenharmony_ci# malformed IP length 490a8e1175bSopenharmony_ciserver5-tricky-ip-san-malformed-len.crt.der: server5-tricky-ip-san.crt.der 491a8e1175bSopenharmony_ci hexdump -ve '1/1 "%.2X"' $< | sed "s/87046162636487106162/87056162636487106162/" | xxd -r -p > $@ 492a8e1175bSopenharmony_ci 493a8e1175bSopenharmony_ciparse_input/server5-directoryname.crt.der: server5.key 494a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -outform der -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS directoryName SAN" -set_serial 77 -config $(test_ca_config_file) -extensions directory_name_san -days 3650 -sha256 -key server5.key -out $@ 495a8e1175bSopenharmony_ci 496a8e1175bSopenharmony_ciparse_input/server5-two-directorynames.crt.der: server5.key 497a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -outform der -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS directoryName SAN" -set_serial 77 -config $(test_ca_config_file) -extensions two_directorynames -days 3650 -sha256 -key server5.key -out $@ 498a8e1175bSopenharmony_ci 499a8e1175bSopenharmony_ciserver5-der0.crt: server5.crt.der 500a8e1175bSopenharmony_ci cp $< $@ 501a8e1175bSopenharmony_ciserver5-der1a.crt: server5.crt.der 502a8e1175bSopenharmony_ci cp $< $@ 503a8e1175bSopenharmony_ci echo '00' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc 504a8e1175bSopenharmony_ciserver5-der1b.crt: server5.crt.der 505a8e1175bSopenharmony_ci cp $< $@ 506a8e1175bSopenharmony_ci echo 'c1' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc 507a8e1175bSopenharmony_ciserver5-der2.crt: server5.crt.der 508a8e1175bSopenharmony_ci cp $< $@ 509a8e1175bSopenharmony_ci echo 'b90a' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc 510a8e1175bSopenharmony_ciserver5-der4.crt: server5.crt.der 511a8e1175bSopenharmony_ci cp $< $@ 512a8e1175bSopenharmony_ci echo 'a710945f' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc 513a8e1175bSopenharmony_ciserver5-der8.crt: server5.crt.der 514a8e1175bSopenharmony_ci cp $< $@ 515a8e1175bSopenharmony_ci echo 'a4a7ff27267aaa0f' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc 516a8e1175bSopenharmony_ciserver5-der9.crt: server5.crt.der 517a8e1175bSopenharmony_ci cp $< $@ 518a8e1175bSopenharmony_ci echo 'cff8303376ffa47a29' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc 519a8e1175bSopenharmony_ciall_final += server5-der0.crt server5-der1b.crt server5-der4.crt \ 520a8e1175bSopenharmony_ci server5-der9.crt server5-der1a.crt server5-der2.crt \ 521a8e1175bSopenharmony_ci server5-der8.crt 522a8e1175bSopenharmony_ci 523a8e1175bSopenharmony_ci# directoryname sequence tag malformed 524a8e1175bSopenharmony_ciparse_input/server5-directoryname-seq-malformed.crt.der: parse_input/server5-two-directorynames.crt.der 525a8e1175bSopenharmony_ci hexdump -ve '1/1 "%.2X"' $< | sed "s/62A4473045310B/62A4473145310B/" | xxd -r -p > $@ 526a8e1175bSopenharmony_ci 527a8e1175bSopenharmony_ci# Second directoryname OID length malformed 03 -> 15 528a8e1175bSopenharmony_ciparse_input/server5-second-directoryname-oid-malformed.crt.der: parse_input/server5-two-directorynames.crt.der 529a8e1175bSopenharmony_ci hexdump -ve '1/1 "%.2X"' $< | sed "s/0355040A0C0A4D414C464F524D5F4D45/1555040A0C0A4D414C464F524D5F4D45/" | xxd -r -p > $@ 530a8e1175bSopenharmony_ci 531a8e1175bSopenharmony_ciparse_input/rsa_single_san_uri.crt.der rsa_single_san_uri.crt.der: rsa_single_san_uri.key 532a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -outform der -nodes -days 7300 -newkey rsa:2048 -key $< -out $@ -addext "subjectAltName = URI:urn:example.com:5ff40f78-9210-494f-8206-c2c082f0609c" -extensions 'v3_req' -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS URI SAN" 533a8e1175bSopenharmony_ci 534a8e1175bSopenharmony_ciparse_input/rsa_multiple_san_uri.crt.der: rsa_multiple_san_uri.key 535a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -outform der -nodes -days 7300 -newkey rsa:2048 -key $< -out $@ -addext "subjectAltName = URI:urn:example.com:5ff40f78-9210-494f-8206-c2c082f0609c, URI:urn:example.com:5ff40f78-9210-494f-8206-abcde1234567" -extensions 'v3_req' -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS URI SAN" 536a8e1175bSopenharmony_ci 537a8e1175bSopenharmony_citest-int-ca3-badsign.crt: test-int-ca3.crt 538a8e1175bSopenharmony_ci { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ 539a8e1175bSopenharmony_ciall_final += test-int-ca3-badsign.crt 540a8e1175bSopenharmony_ci 541a8e1175bSopenharmony_ci# server9* 542a8e1175bSopenharmony_ci 543a8e1175bSopenharmony_ciserver9.csr: server9.key 544a8e1175bSopenharmony_ci $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \ 545a8e1175bSopenharmony_ci -key $< -out $@ 546a8e1175bSopenharmony_ciparse_input/server9.crt server9.crt: server9-sha1.crt 547a8e1175bSopenharmony_ci cp $< $@ 548a8e1175bSopenharmony_ciall_final += server9.crt 549a8e1175bSopenharmony_ciall_intermediate += server9.csr server9-sha1.crt 550a8e1175bSopenharmony_ci 551a8e1175bSopenharmony_ciserver9-%.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) 552a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ 553a8e1175bSopenharmony_ci -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ 554a8e1175bSopenharmony_ci -set_serial $(SERVER9_CRT_SERIAL) -days 3653 \ 555a8e1175bSopenharmony_ci -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \ 556a8e1175bSopenharmony_ci -sigopt rsa_mgf1_md:$(@F:server9-%.crt=%) -$(@F:server9-%.crt=%) \ 557a8e1175bSopenharmony_ci -in $< -out $@ 558a8e1175bSopenharmony_ciserver9-sha1.crt: SERVER9_CRT_SERIAL=22 559a8e1175bSopenharmony_ciparse_input/server9-sha224.crt server9-sha224.crt: SERVER9_CRT_SERIAL=23 560a8e1175bSopenharmony_ciparse_input/server9-sha256.crt server9-sha256.crt: SERVER9_CRT_SERIAL=24 561a8e1175bSopenharmony_ciparse_input/server9-sha384.crt server9-sha384.crt: SERVER9_CRT_SERIAL=25 562a8e1175bSopenharmony_ciparse_input/server9-sha512.crt server9-sha512.crt: SERVER9_CRT_SERIAL=26 563a8e1175bSopenharmony_ciall_final += server9-sha224.crt server9-sha256.crt server9-sha384.crt server9-sha512.crt 564a8e1175bSopenharmony_ci 565a8e1175bSopenharmony_ciserver9-defaults.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) 566a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ 567a8e1175bSopenharmony_ci -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ 568a8e1175bSopenharmony_ci -set_serial 72 -days 3653 \ 569a8e1175bSopenharmony_ci -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max -sha1 \ 570a8e1175bSopenharmony_ci -in $< -out $@ 571a8e1175bSopenharmony_ciall_final += server9-defaults.crt 572a8e1175bSopenharmony_ci 573a8e1175bSopenharmony_ciserver9-badsign.crt: server9.crt 574a8e1175bSopenharmony_ci { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ 575a8e1175bSopenharmony_ciall_final += server9-badsign.crt 576a8e1175bSopenharmony_ci 577a8e1175bSopenharmony_ciserver9-with-ca.crt: server9.crt $(test_ca_crt) 578a8e1175bSopenharmony_ci cat $^ > $@ 579a8e1175bSopenharmony_ciall_final += server9-with-ca.crt 580a8e1175bSopenharmony_ci 581a8e1175bSopenharmony_ciserver9-bad-mgfhash.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) 582a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ 583a8e1175bSopenharmony_ci -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ 584a8e1175bSopenharmony_ci -set_serial 24 -days 3653 \ 585a8e1175bSopenharmony_ci -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \ 586a8e1175bSopenharmony_ci -sigopt rsa_mgf1_md:sha224 -sha256 \ 587a8e1175bSopenharmony_ci -in $< -out $@ 588a8e1175bSopenharmony_ciall_final += server9-bad-mgfhash.crt 589a8e1175bSopenharmony_ci 590a8e1175bSopenharmony_ciserver9-bad-saltlen.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) \ 591a8e1175bSopenharmony_ci opensslcnf/server9.crt.v3_ext \ 592a8e1175bSopenharmony_ci ../scripts/generate_server9_bad_saltlen.py 593a8e1175bSopenharmony_ci ../scripts/generate_server9_bad_saltlen.py --ca-name test-ca \ 594a8e1175bSopenharmony_ci --ca-password $(test_ca_pwd_rsa) --csr server9.csr \ 595a8e1175bSopenharmony_ci --openssl-extfile opensslcnf/server9.crt.v3_ext \ 596a8e1175bSopenharmony_ci --anounce_saltlen 0xde --actual_saltlen 0x20 \ 597a8e1175bSopenharmony_ci --output $@ 598a8e1175bSopenharmony_ciall_final += server9-bad-saltlen.crt 599a8e1175bSopenharmony_ci 600a8e1175bSopenharmony_ci# server10* 601a8e1175bSopenharmony_ci 602a8e1175bSopenharmony_ciserver10.crt: server10.key test-int-ca3.crt test-int-ca3.key 603a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="CN=localhost" serial=75 \ 604a8e1175bSopenharmony_ci issuer_crt=test-int-ca3.crt issuer_key=test-int-ca3.key \ 605a8e1175bSopenharmony_ci subject_identifier=0 authority_identifier=0 \ 606a8e1175bSopenharmony_ci not_before=20190210144406 not_after=20290210144406 \ 607a8e1175bSopenharmony_ci md=SHA256 version=3 output_file=$@ 608a8e1175bSopenharmony_ciall_final += server10.crt 609a8e1175bSopenharmony_ciserver10-badsign.crt: server10.crt 610a8e1175bSopenharmony_ci { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ 611a8e1175bSopenharmony_ciall_final += server10-badsign.crt 612a8e1175bSopenharmony_ciserver10-bs_int3.pem: server10-badsign.crt test-int-ca3.crt 613a8e1175bSopenharmony_ci cat server10-badsign.crt test-int-ca3.crt > $@ 614a8e1175bSopenharmony_ciall_final += server10-bs_int3.pem 615a8e1175bSopenharmony_ciserver10_int3-bs.pem: server10.crt test-int-ca3-badsign.crt 616a8e1175bSopenharmony_ci cat server10.crt test-int-ca3-badsign.crt > $@ 617a8e1175bSopenharmony_ciall_final += server10_int3-bs.pem 618a8e1175bSopenharmony_ciserver10_int3_int-ca2.crt: server10.crt test-int-ca3.crt $(test_ca_int_ec) 619a8e1175bSopenharmony_ci cat $^ > $@ 620a8e1175bSopenharmony_ciall_final += server10_int3_int-ca2.crt 621a8e1175bSopenharmony_ciserver10_int3_int-ca2_ca.crt: server10.crt test-int-ca3.crt $(test_ca_int_ec) $(test_ca_crt) 622a8e1175bSopenharmony_ci cat $^ > $@ 623a8e1175bSopenharmony_ciall_final += server10_int3_int-ca2_ca.crt 624a8e1175bSopenharmony_ciserver10_int3_spurious_int-ca2.crt: server10.crt test-int-ca3.crt $(test_ca_int_rsa1) $(test_ca_int_ec) 625a8e1175bSopenharmony_ci cat $^ > $@ 626a8e1175bSopenharmony_ciall_final += server10_int3_spurious_int-ca2.crt 627a8e1175bSopenharmony_ci 628a8e1175bSopenharmony_cirsa_pkcs1_2048_public.pem: server8.key 629a8e1175bSopenharmony_ci $(OPENSSL) rsa -in $< -outform PEM -RSAPublicKey_out -out $@ 630a8e1175bSopenharmony_ciall_final += rsa_pkcs1_2048_public.pem 631a8e1175bSopenharmony_ci 632a8e1175bSopenharmony_cirsa_pkcs1_2048_public.der: rsa_pkcs1_2048_public.pem 633a8e1175bSopenharmony_ci $(OPENSSL) rsa -RSAPublicKey_in -in $< -outform DER -RSAPublicKey_out -out $@ 634a8e1175bSopenharmony_ciall_final += rsa_pkcs1_2048_public.der 635a8e1175bSopenharmony_ci 636a8e1175bSopenharmony_cirsa_pkcs8_2048_public.pem: server8.key 637a8e1175bSopenharmony_ci $(OPENSSL) rsa -in $< -outform PEM -pubout -out $@ 638a8e1175bSopenharmony_ciall_final += rsa_pkcs8_2048_public.pem 639a8e1175bSopenharmony_ci 640a8e1175bSopenharmony_cirsa_pkcs8_2048_public.der: rsa_pkcs8_2048_public.pem 641a8e1175bSopenharmony_ci $(OPENSSL) rsa -pubin -in $< -outform DER -pubout -out $@ 642a8e1175bSopenharmony_ciall_final += rsa_pkcs8_2048_public.der 643a8e1175bSopenharmony_ci 644a8e1175bSopenharmony_ci# Generate crl_cat_*.pem 645a8e1175bSopenharmony_ci# - crt_cat_*.pem: (1+2) concatenations in various orders: 646a8e1175bSopenharmony_ci# ec = crl-ec-sha256.pem, ecfut = crl-future.pem 647a8e1175bSopenharmony_ci# rsa = crl.pem, rsabadpem = same with pem error, rsaexp = crl_expired.pem 648a8e1175bSopenharmony_ci 649a8e1175bSopenharmony_cicrl_cat_ec-rsa.pem:crl-ec-sha256.pem crl.pem 650a8e1175bSopenharmony_ci cat $^ > $@ 651a8e1175bSopenharmony_ci 652a8e1175bSopenharmony_cicrl_cat_rsa-ec.pem:crl.pem crl-ec-sha256.pem 653a8e1175bSopenharmony_ci cat $^ > $@ 654a8e1175bSopenharmony_ci 655a8e1175bSopenharmony_ciall_final += crl_cat_ec-rsa.pem crl_cat_rsa-ec.pem 656a8e1175bSopenharmony_ci 657a8e1175bSopenharmony_ciauthorityKeyId_subjectKeyId.crt.der: 658a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -nodes -days 7300 -key server2.key -outform DER -out $@ -config authorityKeyId_subjectKeyId.conf -extensions 'v3_req' -set_serial 593828494303792449134898749208168108403991951034 659a8e1175bSopenharmony_ci 660a8e1175bSopenharmony_ciauthorityKeyId_no_keyid.crt.der: 661a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -nodes -days 7300 -key server2.key -outform DER -out $@ -config authorityKeyId_subjectKeyId.conf -extensions 'v3_req_authorityKeyId_no_keyid' -set_serial 593828494303792449134898749208168108403991951034 662a8e1175bSopenharmony_ci 663a8e1175bSopenharmony_ciauthorityKeyId_no_issuer.crt.der: 664a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -nodes -days 7300 -key server2.key -outform DER -out $@ -config authorityKeyId_subjectKeyId.conf -extensions 'v3_req_authorityKeyId_no_issuer' 665a8e1175bSopenharmony_ci 666a8e1175bSopenharmony_ciauthorityKeyId_no_authorityKeyId.crt.der: 667a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -nodes -days 7300 -key server2.key -outform DER -out $@ -config authorityKeyId_subjectKeyId.conf -extensions 'v3_req_no_authorityKeyId' 668a8e1175bSopenharmony_ci 669a8e1175bSopenharmony_ciauthorityKeyId_subjectKeyId_tag_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der 670a8e1175bSopenharmony_ci hexdump -ve '1/1 "%.2X"' $< | sed "s/0414A505E864B8DCDF600F50124D60A864AF4D8B4393/0114A505E864B8DCDF600F50124D60A864AF4D8B4393/" | xxd -r -p > $@ 671a8e1175bSopenharmony_ci 672a8e1175bSopenharmony_ciauthorityKeyId_subjectKeyId_tag_len_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der 673a8e1175bSopenharmony_ci hexdump -ve '1/1 "%.2X"' $< | sed "s/0414A505E864B8DCDF600F50124D60A864AF4D8B4393/0413A505E864B8DCDF600F50124D60A864AF4D8B4393/" | xxd -r -p > $@ 674a8e1175bSopenharmony_ci 675a8e1175bSopenharmony_ciauthorityKeyId_subjectKeyId_length_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der 676a8e1175bSopenharmony_ci hexdump -ve '1/1 "%.2X"' $< | sed "s/306D8014A505E864B8DC/306C8014A505E864B8DC/" | xxd -r -p > $@ 677a8e1175bSopenharmony_ci 678a8e1175bSopenharmony_ciauthorityKeyId_subjectKeyId_sequence_tag_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der 679a8e1175bSopenharmony_ci hexdump -ve '1/1 "%.2X"' $< | sed "s/6F306D8014A505E864B8/6F006D8014A505E864B8/" | xxd -r -p > $@ 680a8e1175bSopenharmony_ci 681a8e1175bSopenharmony_ciauthorityKeyId_subjectKeyId_keyid_tag_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der 682a8e1175bSopenharmony_ci hexdump -ve '1/1 "%.2X"' $< | sed "s/306D8014A505E864B8DC/306D0014A505E864B8DC/" | xxd -r -p > $@ 683a8e1175bSopenharmony_ci 684a8e1175bSopenharmony_ciauthorityKeyId_subjectKeyId_keyid_tag_len_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der 685a8e1175bSopenharmony_ci hexdump -ve '1/1 "%.2X"' $< | sed "s/306D8014A505E864B8DC/306D80FFA505E864B8DC/" | xxd -r -p > $@ 686a8e1175bSopenharmony_ci 687a8e1175bSopenharmony_ciauthorityKeyId_subjectKeyId_issuer_tag1_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der 688a8e1175bSopenharmony_ci hexdump -ve '1/1 "%.2X"' $< | sed "s/A13FA43D303B310B3009/003FA43D303B310B3009/" | xxd -r -p > $@ 689a8e1175bSopenharmony_ci 690a8e1175bSopenharmony_ciauthorityKeyId_subjectKeyId_issuer_tag2_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der 691a8e1175bSopenharmony_ci hexdump -ve '1/1 "%.2X"' $< | sed "s/A43D303B310B30090603/003D303B310B30090603/" | xxd -r -p > $@ 692a8e1175bSopenharmony_ci 693a8e1175bSopenharmony_ciauthorityKeyId_subjectKeyId_sn_tag_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der 694a8e1175bSopenharmony_ci hexdump -ve '1/1 "%.2X"' $< | sed "s/8214680430CD074DE63F/8114680430CD074DE63F/" | xxd -r -p > $@ 695a8e1175bSopenharmony_ci 696a8e1175bSopenharmony_ciauthorityKeyId_subjectKeyId_sn_len_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der 697a8e1175bSopenharmony_ci hexdump -ve '1/1 "%.2X"' $< | sed "s/8214680430CD074DE63F/8213680430CD074DE63F/" | xxd -r -p > $@ 698a8e1175bSopenharmony_ci 699a8e1175bSopenharmony_ci################################################################ 700a8e1175bSopenharmony_ci#### Generate various RSA keys 701a8e1175bSopenharmony_ci################################################################ 702a8e1175bSopenharmony_ci 703a8e1175bSopenharmony_ci### Password used for PKCS1-encoded encrypted RSA keys 704a8e1175bSopenharmony_cikeys_rsa_basic_pwd = testkey 705a8e1175bSopenharmony_ci 706a8e1175bSopenharmony_ci### Password used for PKCS8-encoded encrypted RSA keys 707a8e1175bSopenharmony_cikeys_rsa_pkcs8_pwd = PolarSSLTest 708a8e1175bSopenharmony_ci 709a8e1175bSopenharmony_ci### Basic 1024-, 2048- and 4096-bit unencrypted RSA keys from which 710a8e1175bSopenharmony_ci### all other encrypted RSA keys are derived. 711a8e1175bSopenharmony_cirsa_pkcs1_1024_clear.pem: 712a8e1175bSopenharmony_ci $(OPENSSL) genrsa -out $@ 1024 713a8e1175bSopenharmony_ciall_final += rsa_pkcs1_1024_clear.pem 714a8e1175bSopenharmony_cirsa_pkcs1_2048_clear.pem: 715a8e1175bSopenharmony_ci $(OPENSSL) genrsa -out $@ 2048 716a8e1175bSopenharmony_ciall_final += rsa_pkcs1_2048_clear.pem 717a8e1175bSopenharmony_cirsa_pkcs1_4096_clear.pem: 718a8e1175bSopenharmony_ci $(OPENSSL) genrsa -out $@ 4096 719a8e1175bSopenharmony_ciall_final += rsa_pkcs1_4096_clear.pem 720a8e1175bSopenharmony_ci 721a8e1175bSopenharmony_ci### 722a8e1175bSopenharmony_ci### PKCS1-encoded, encrypted RSA keys 723a8e1175bSopenharmony_ci### 724a8e1175bSopenharmony_ci 725a8e1175bSopenharmony_ci### 1024-bit 726a8e1175bSopenharmony_cirsa_pkcs1_1024_des.pem: rsa_pkcs1_1024_clear.pem 727a8e1175bSopenharmony_ci $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 728a8e1175bSopenharmony_ciall_final += rsa_pkcs1_1024_des.pem 729a8e1175bSopenharmony_cirsa_pkcs1_1024_3des.pem: rsa_pkcs1_1024_clear.pem 730a8e1175bSopenharmony_ci $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 731a8e1175bSopenharmony_ciall_final += rsa_pkcs1_1024_3des.pem 732a8e1175bSopenharmony_cirsa_pkcs1_1024_aes128.pem: rsa_pkcs1_1024_clear.pem 733a8e1175bSopenharmony_ci $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 734a8e1175bSopenharmony_ciall_final += rsa_pkcs1_1024_aes128.pem 735a8e1175bSopenharmony_cirsa_pkcs1_1024_aes192.pem: rsa_pkcs1_1024_clear.pem 736a8e1175bSopenharmony_ci $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 737a8e1175bSopenharmony_ciall_final += rsa_pkcs1_1024_aes192.pem 738a8e1175bSopenharmony_cirsa_pkcs1_1024_aes256.pem: rsa_pkcs1_1024_clear.pem 739a8e1175bSopenharmony_ci $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 740a8e1175bSopenharmony_ciall_final += rsa_pkcs1_1024_aes256.pem 741a8e1175bSopenharmony_cikeys_rsa_enc_basic_1024: rsa_pkcs1_1024_des.pem rsa_pkcs1_1024_3des.pem rsa_pkcs1_1024_aes128.pem rsa_pkcs1_1024_aes192.pem rsa_pkcs1_1024_aes256.pem 742a8e1175bSopenharmony_ci 743a8e1175bSopenharmony_ci# 2048-bit 744a8e1175bSopenharmony_cirsa_pkcs1_2048_des.pem: rsa_pkcs1_2048_clear.pem 745a8e1175bSopenharmony_ci $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 746a8e1175bSopenharmony_ciall_final += rsa_pkcs1_2048_des.pem 747a8e1175bSopenharmony_cirsa_pkcs1_2048_3des.pem: rsa_pkcs1_2048_clear.pem 748a8e1175bSopenharmony_ci $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 749a8e1175bSopenharmony_ciall_final += rsa_pkcs1_2048_3des.pem 750a8e1175bSopenharmony_cirsa_pkcs1_2048_aes128.pem: rsa_pkcs1_2048_clear.pem 751a8e1175bSopenharmony_ci $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 752a8e1175bSopenharmony_ciall_final += rsa_pkcs1_2048_aes128.pem 753a8e1175bSopenharmony_cirsa_pkcs1_2048_aes192.pem: rsa_pkcs1_2048_clear.pem 754a8e1175bSopenharmony_ci $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 755a8e1175bSopenharmony_ciall_final += rsa_pkcs1_2048_aes192.pem 756a8e1175bSopenharmony_cirsa_pkcs1_2048_aes256.pem: rsa_pkcs1_2048_clear.pem 757a8e1175bSopenharmony_ci $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 758a8e1175bSopenharmony_ciall_final += rsa_pkcs1_2048_aes256.pem 759a8e1175bSopenharmony_cikeys_rsa_enc_basic_2048: rsa_pkcs1_2048_des.pem rsa_pkcs1_2048_3des.pem rsa_pkcs1_2048_aes128.pem rsa_pkcs1_2048_aes192.pem rsa_pkcs1_2048_aes256.pem 760a8e1175bSopenharmony_ci 761a8e1175bSopenharmony_ci# 4096-bit 762a8e1175bSopenharmony_cirsa_pkcs1_4096_des.pem: rsa_pkcs1_4096_clear.pem 763a8e1175bSopenharmony_ci $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 764a8e1175bSopenharmony_ciall_final += rsa_pkcs1_4096_des.pem 765a8e1175bSopenharmony_cirsa_pkcs1_4096_3des.pem: rsa_pkcs1_4096_clear.pem 766a8e1175bSopenharmony_ci $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 767a8e1175bSopenharmony_ciall_final += rsa_pkcs1_4096_3des.pem 768a8e1175bSopenharmony_cirsa_pkcs1_4096_aes128.pem: rsa_pkcs1_4096_clear.pem 769a8e1175bSopenharmony_ci $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 770a8e1175bSopenharmony_ciall_final += rsa_pkcs1_4096_aes128.pem 771a8e1175bSopenharmony_cirsa_pkcs1_4096_aes192.pem: rsa_pkcs1_4096_clear.pem 772a8e1175bSopenharmony_ci $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 773a8e1175bSopenharmony_ciall_final += rsa_pkcs1_4096_aes192.pem 774a8e1175bSopenharmony_cirsa_pkcs1_4096_aes256.pem: rsa_pkcs1_4096_clear.pem 775a8e1175bSopenharmony_ci $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" 776a8e1175bSopenharmony_ciall_final += rsa_pkcs1_4096_aes256.pem 777a8e1175bSopenharmony_cikeys_rsa_enc_basic_4096: rsa_pkcs1_4096_des.pem rsa_pkcs1_4096_3des.pem rsa_pkcs1_4096_aes128.pem rsa_pkcs1_4096_aes192.pem rsa_pkcs1_4096_aes256.pem 778a8e1175bSopenharmony_ci 779a8e1175bSopenharmony_ci### 780a8e1175bSopenharmony_ci### PKCS8-v1 encoded, encrypted RSA keys 781a8e1175bSopenharmony_ci### 782a8e1175bSopenharmony_ci 783a8e1175bSopenharmony_ci### 1024-bit 784a8e1175bSopenharmony_cirsa_pkcs8_pbe_sha1_1024_3des.der: rsa_pkcs1_1024_clear.pem 785a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES 786a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbe_sha1_1024_3des.der 787a8e1175bSopenharmony_cirsa_pkcs8_pbe_sha1_1024_3des.pem: rsa_pkcs1_1024_clear.pem 788a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES 789a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbe_sha1_1024_3des.pem 790a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v1_1024_3des: rsa_pkcs8_pbe_sha1_1024_3des.pem rsa_pkcs8_pbe_sha1_1024_3des.der 791a8e1175bSopenharmony_ci 792a8e1175bSopenharmony_cirsa_pkcs8_pbe_sha1_1024_2des.der: rsa_pkcs1_1024_clear.pem 793a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES 794a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbe_sha1_1024_2des.der 795a8e1175bSopenharmony_cirsa_pkcs8_pbe_sha1_1024_2des.pem: rsa_pkcs1_1024_clear.pem 796a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES 797a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbe_sha1_1024_2des.pem 798a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v1_1024_2des: rsa_pkcs8_pbe_sha1_1024_2des.pem rsa_pkcs8_pbe_sha1_1024_2des.der 799a8e1175bSopenharmony_ci 800a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v1_1024: keys_rsa_enc_pkcs8_v1_1024_3des keys_rsa_enc_pkcs8_v1_1024_2des 801a8e1175bSopenharmony_ci 802a8e1175bSopenharmony_ci### 2048-bit 803a8e1175bSopenharmony_cirsa_pkcs8_pbe_sha1_2048_3des.der: rsa_pkcs1_2048_clear.pem 804a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES 805a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbe_sha1_2048_3des.der 806a8e1175bSopenharmony_cirsa_pkcs8_pbe_sha1_2048_3des.pem: rsa_pkcs1_2048_clear.pem 807a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES 808a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbe_sha1_2048_3des.pem 809a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v1_2048_3des: rsa_pkcs8_pbe_sha1_2048_3des.pem rsa_pkcs8_pbe_sha1_2048_3des.der 810a8e1175bSopenharmony_ci 811a8e1175bSopenharmony_cirsa_pkcs8_pbe_sha1_2048_2des.der: rsa_pkcs1_2048_clear.pem 812a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES 813a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbe_sha1_2048_2des.der 814a8e1175bSopenharmony_cirsa_pkcs8_pbe_sha1_2048_2des.pem: rsa_pkcs1_2048_clear.pem 815a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES 816a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbe_sha1_2048_2des.pem 817a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v1_2048_2des: rsa_pkcs8_pbe_sha1_2048_2des.pem rsa_pkcs8_pbe_sha1_2048_2des.der 818a8e1175bSopenharmony_ci 819a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v1_2048: keys_rsa_enc_pkcs8_v1_2048_3des keys_rsa_enc_pkcs8_v1_2048_2des 820a8e1175bSopenharmony_ci 821a8e1175bSopenharmony_ci### 4096-bit 822a8e1175bSopenharmony_cirsa_pkcs8_pbe_sha1_4096_3des.der: rsa_pkcs1_4096_clear.pem 823a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES 824a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbe_sha1_4096_3des.der 825a8e1175bSopenharmony_cirsa_pkcs8_pbe_sha1_4096_3des.pem: rsa_pkcs1_4096_clear.pem 826a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES 827a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbe_sha1_4096_3des.pem 828a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v1_4096_3des: rsa_pkcs8_pbe_sha1_4096_3des.pem rsa_pkcs8_pbe_sha1_4096_3des.der 829a8e1175bSopenharmony_ci 830a8e1175bSopenharmony_cirsa_pkcs8_pbe_sha1_4096_2des.der: rsa_pkcs1_4096_clear.pem 831a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES 832a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbe_sha1_4096_2des.der 833a8e1175bSopenharmony_cirsa_pkcs8_pbe_sha1_4096_2des.pem: rsa_pkcs1_4096_clear.pem 834a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES 835a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbe_sha1_4096_2des.pem 836a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v1_4096_2des: rsa_pkcs8_pbe_sha1_4096_2des.pem rsa_pkcs8_pbe_sha1_4096_2des.der 837a8e1175bSopenharmony_ci 838a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v1_4096: keys_rsa_enc_pkcs8_v1_4096_3des keys_rsa_enc_pkcs8_v1_4096_2des 839a8e1175bSopenharmony_ci 840a8e1175bSopenharmony_ci### 841a8e1175bSopenharmony_ci### PKCS8-v2 encoded, encrypted RSA keys, no PRF specified (default for OpenSSL1.0: hmacWithSHA1) 842a8e1175bSopenharmony_ci### 843a8e1175bSopenharmony_ci 844a8e1175bSopenharmony_ci### 1024-bit 845a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_3des.der: rsa_pkcs1_1024_clear.pem 846a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 847a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des.der 848a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_3des.pem: rsa_pkcs1_1024_clear.pem 849a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 850a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem 851a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024_3des: rsa_pkcs8_pbes2_pbkdf2_1024_3des.der rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem 852a8e1175bSopenharmony_ci 853a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_des.der: rsa_pkcs1_1024_clear.pem 854a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 855a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_des.der 856a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_des.pem: rsa_pkcs1_1024_clear.pem 857a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 858a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_des.pem 859a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024_des: rsa_pkcs8_pbes2_pbkdf2_1024_des.der rsa_pkcs8_pbes2_pbkdf2_1024_des.pem 860a8e1175bSopenharmony_ci 861a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024: keys_rsa_enc_pkcs8_v2_1024_3des keys_rsa_enc_pkcs8_v2_1024_des 862a8e1175bSopenharmony_ci 863a8e1175bSopenharmony_ci### 2048-bit 864a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_3des.der: rsa_pkcs1_2048_clear.pem 865a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 866a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des.der 867a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_3des.pem: rsa_pkcs1_2048_clear.pem 868a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 869a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem 870a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_3des: rsa_pkcs8_pbes2_pbkdf2_2048_3des.der rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem 871a8e1175bSopenharmony_ci 872a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_des.der: rsa_pkcs1_2048_clear.pem 873a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 874a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_des.der 875a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_des.pem: rsa_pkcs1_2048_clear.pem 876a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 877a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_des.pem 878a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_des: rsa_pkcs8_pbes2_pbkdf2_2048_des.der rsa_pkcs8_pbes2_pbkdf2_2048_des.pem 879a8e1175bSopenharmony_ci 880a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048: keys_rsa_enc_pkcs8_v2_2048_3des keys_rsa_enc_pkcs8_v2_2048_des 881a8e1175bSopenharmony_ci 882a8e1175bSopenharmony_ci### 4096-bit 883a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_3des.der: rsa_pkcs1_4096_clear.pem 884a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 885a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des.der 886a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_3des.pem: rsa_pkcs1_4096_clear.pem 887a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 888a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem 889a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096_3des: rsa_pkcs8_pbes2_pbkdf2_4096_3des.der rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem 890a8e1175bSopenharmony_ci 891a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_des.der: rsa_pkcs1_4096_clear.pem 892a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 893a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_des.der 894a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_des.pem: rsa_pkcs1_4096_clear.pem 895a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 896a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_des.pem 897a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096_des: rsa_pkcs8_pbes2_pbkdf2_4096_des.der rsa_pkcs8_pbes2_pbkdf2_4096_des.pem 898a8e1175bSopenharmony_ci 899a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096: keys_rsa_enc_pkcs8_v2_4096_3des keys_rsa_enc_pkcs8_v2_4096_des 900a8e1175bSopenharmony_ci 901a8e1175bSopenharmony_ci### 902a8e1175bSopenharmony_ci### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA224 903a8e1175bSopenharmony_ci### 904a8e1175bSopenharmony_ci 905a8e1175bSopenharmony_ci### 1024-bit 906a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der: rsa_pkcs1_1024_clear.pem 907a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 908a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der 909a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem: rsa_pkcs1_1024_clear.pem 910a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 911a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem 912a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem 913a8e1175bSopenharmony_ci 914a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der: rsa_pkcs1_1024_clear.pem 915a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 916a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der 917a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem: rsa_pkcs1_1024_clear.pem 918a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 919a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem 920a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024_des_sha224: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem 921a8e1175bSopenharmony_ci 922a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024_sha224: keys_rsa_enc_pkcs8_v2_1024_3des_sha224 keys_rsa_enc_pkcs8_v2_1024_des_sha224 923a8e1175bSopenharmony_ci 924a8e1175bSopenharmony_ci### 2048-bit 925a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der: rsa_pkcs1_2048_clear.pem 926a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 927a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der 928a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem: rsa_pkcs1_2048_clear.pem 929a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 930a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem 931a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem 932a8e1175bSopenharmony_ci 933a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der: rsa_pkcs1_2048_clear.pem 934a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 935a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der 936a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem: rsa_pkcs1_2048_clear.pem 937a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 938a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem 939a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_des_sha224: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem 940a8e1175bSopenharmony_ci 941a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_sha224: keys_rsa_enc_pkcs8_v2_2048_3des_sha224 keys_rsa_enc_pkcs8_v2_2048_des_sha224 942a8e1175bSopenharmony_ci 943a8e1175bSopenharmony_ci### 4096-bit 944a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der: rsa_pkcs1_4096_clear.pem 945a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 946a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der 947a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem: rsa_pkcs1_4096_clear.pem 948a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 949a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem 950a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem 951a8e1175bSopenharmony_ci 952a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der: rsa_pkcs1_4096_clear.pem 953a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 954a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der 955a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem: rsa_pkcs1_4096_clear.pem 956a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 957a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem 958a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096_des_sha224: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem 959a8e1175bSopenharmony_ci 960a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096_sha224: keys_rsa_enc_pkcs8_v2_4096_3des_sha224 keys_rsa_enc_pkcs8_v2_4096_des_sha224 961a8e1175bSopenharmony_ci 962a8e1175bSopenharmony_ci### 963a8e1175bSopenharmony_ci### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA256 964a8e1175bSopenharmony_ci### 965a8e1175bSopenharmony_ci 966a8e1175bSopenharmony_ci### 1024-bit 967a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der: rsa_pkcs1_1024_clear.pem 968a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 969a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der 970a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem: rsa_pkcs1_1024_clear.pem 971a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 972a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem 973a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem 974a8e1175bSopenharmony_ci 975a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der: rsa_pkcs1_1024_clear.pem 976a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 977a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der 978a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem: rsa_pkcs1_1024_clear.pem 979a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 980a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem 981a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024_des_sha256: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem 982a8e1175bSopenharmony_ci 983a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024_sha256: keys_rsa_enc_pkcs8_v2_1024_3des_sha256 keys_rsa_enc_pkcs8_v2_1024_des_sha256 984a8e1175bSopenharmony_ci 985a8e1175bSopenharmony_ci### 2048-bit 986a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der: rsa_pkcs1_2048_clear.pem 987a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 988a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der 989a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem: rsa_pkcs1_2048_clear.pem 990a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 991a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem 992a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem 993a8e1175bSopenharmony_ci 994a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der: rsa_pkcs1_2048_clear.pem 995a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 996a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der 997a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem: rsa_pkcs1_2048_clear.pem 998a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 999a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem 1000a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_des_sha256: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem 1001a8e1175bSopenharmony_ci 1002a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_sha256: keys_rsa_enc_pkcs8_v2_2048_3des_sha256 keys_rsa_enc_pkcs8_v2_2048_des_sha256 1003a8e1175bSopenharmony_ci 1004a8e1175bSopenharmony_ci### 4096-bit 1005a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der: rsa_pkcs1_4096_clear.pem 1006a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1007a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der 1008a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem: rsa_pkcs1_4096_clear.pem 1009a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1010a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem 1011a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem 1012a8e1175bSopenharmony_ci 1013a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der: rsa_pkcs1_4096_clear.pem 1014a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1015a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der 1016a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem: rsa_pkcs1_4096_clear.pem 1017a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1018a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem 1019a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096_des_sha256: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem 1020a8e1175bSopenharmony_ci 1021a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096_sha256: keys_rsa_enc_pkcs8_v2_4096_3des_sha256 keys_rsa_enc_pkcs8_v2_4096_des_sha256 1022a8e1175bSopenharmony_ci 1023a8e1175bSopenharmony_ci### 1024a8e1175bSopenharmony_ci### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA384 1025a8e1175bSopenharmony_ci### 1026a8e1175bSopenharmony_ci 1027a8e1175bSopenharmony_ci### 1024-bit 1028a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der: rsa_pkcs1_1024_clear.pem 1029a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1030a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der 1031a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem: rsa_pkcs1_1024_clear.pem 1032a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1033a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem 1034a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem 1035a8e1175bSopenharmony_ci 1036a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der: rsa_pkcs1_1024_clear.pem 1037a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1038a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der 1039a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem: rsa_pkcs1_1024_clear.pem 1040a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1041a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem 1042a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024_des_sha384: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem 1043a8e1175bSopenharmony_ci 1044a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024_sha384: keys_rsa_enc_pkcs8_v2_1024_3des_sha384 keys_rsa_enc_pkcs8_v2_1024_des_sha384 1045a8e1175bSopenharmony_ci 1046a8e1175bSopenharmony_ci### 2048-bit 1047a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der: rsa_pkcs1_2048_clear.pem 1048a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1049a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der 1050a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem: rsa_pkcs1_2048_clear.pem 1051a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1052a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem 1053a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem 1054a8e1175bSopenharmony_ci 1055a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.der: rsa_pkcs1_2048_clear.pem 1056a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 aes-128-cbc -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1057a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.der 1058a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.pem: rsa_pkcs1_2048_clear.pem 1059a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 aes-128-cbc -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1060a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.pem 1061a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_aes128cbc_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.pem 1062a8e1175bSopenharmony_ci 1063a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.der: rsa_pkcs1_2048_clear.pem 1064a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 aes-192-cbc -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1065a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.der 1066a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.pem: rsa_pkcs1_2048_clear.pem 1067a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 aes-192-cbc -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1068a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.pem 1069a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_aes192cbc_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.pem 1070a8e1175bSopenharmony_ci 1071a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.der: rsa_pkcs1_2048_clear.pem 1072a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 aes-256-cbc -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1073a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.der 1074a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.pem: rsa_pkcs1_2048_clear.pem 1075a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 aes-256-cbc -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1076a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.pem 1077a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_aes256cbc_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.pem 1078a8e1175bSopenharmony_ci 1079a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der: rsa_pkcs1_2048_clear.pem 1080a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1081a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der 1082a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem: rsa_pkcs1_2048_clear.pem 1083a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1084a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem 1085a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_des_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem 1086a8e1175bSopenharmony_ci 1087a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_sha384: keys_rsa_enc_pkcs8_v2_2048_3des_sha384 keys_rsa_enc_pkcs8_v2_2048_des_sha384 1088a8e1175bSopenharmony_ci 1089a8e1175bSopenharmony_ci### 4096-bit 1090a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der: rsa_pkcs1_4096_clear.pem 1091a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1092a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der 1093a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem: rsa_pkcs1_4096_clear.pem 1094a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1095a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem 1096a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem 1097a8e1175bSopenharmony_ci 1098a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der: rsa_pkcs1_4096_clear.pem 1099a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1100a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der 1101a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem: rsa_pkcs1_4096_clear.pem 1102a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1103a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem 1104a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096_des_sha384: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem 1105a8e1175bSopenharmony_ci 1106a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096_sha384: keys_rsa_enc_pkcs8_v2_4096_3des_sha384 keys_rsa_enc_pkcs8_v2_4096_des_sha384 1107a8e1175bSopenharmony_ci 1108a8e1175bSopenharmony_ci### 1109a8e1175bSopenharmony_ci### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA512 1110a8e1175bSopenharmony_ci### 1111a8e1175bSopenharmony_ci 1112a8e1175bSopenharmony_ci### 1024-bit 1113a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der: rsa_pkcs1_1024_clear.pem 1114a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1115a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der 1116a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem: rsa_pkcs1_1024_clear.pem 1117a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1118a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem 1119a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem 1120a8e1175bSopenharmony_ci 1121a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der: rsa_pkcs1_1024_clear.pem 1122a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1123a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der 1124a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem: rsa_pkcs1_1024_clear.pem 1125a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1126a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem 1127a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024_des_sha512: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem 1128a8e1175bSopenharmony_ci 1129a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_1024_sha512: keys_rsa_enc_pkcs8_v2_1024_3des_sha512 keys_rsa_enc_pkcs8_v2_1024_des_sha512 1130a8e1175bSopenharmony_ci 1131a8e1175bSopenharmony_ci### 2048-bit 1132a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der: rsa_pkcs1_2048_clear.pem 1133a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1134a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der 1135a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem: rsa_pkcs1_2048_clear.pem 1136a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1137a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem 1138a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem 1139a8e1175bSopenharmony_ci 1140a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der: rsa_pkcs1_2048_clear.pem 1141a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1142a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der 1143a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem: rsa_pkcs1_2048_clear.pem 1144a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1145a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem 1146a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_des_sha512: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem 1147a8e1175bSopenharmony_ci 1148a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_2048_sha512: keys_rsa_enc_pkcs8_v2_2048_3des_sha512 keys_rsa_enc_pkcs8_v2_2048_des_sha512 1149a8e1175bSopenharmony_ci 1150a8e1175bSopenharmony_ci### 4096-bit 1151a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der: rsa_pkcs1_4096_clear.pem 1152a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1153a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der 1154a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem: rsa_pkcs1_4096_clear.pem 1155a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1156a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem 1157a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem 1158a8e1175bSopenharmony_ci 1159a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der: rsa_pkcs1_4096_clear.pem 1160a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1161a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der 1162a8e1175bSopenharmony_cirsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem: rsa_pkcs1_4096_clear.pem 1163a8e1175bSopenharmony_ci $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" 1164a8e1175bSopenharmony_ciall_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem 1165a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096_des_sha512: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem 1166a8e1175bSopenharmony_ci 1167a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2_4096_sha512: keys_rsa_enc_pkcs8_v2_4096_3des_sha512 keys_rsa_enc_pkcs8_v2_4096_des_sha512 1168a8e1175bSopenharmony_ci 1169a8e1175bSopenharmony_ci### 1170a8e1175bSopenharmony_ci### Rules to generate all RSA keys from a particular class 1171a8e1175bSopenharmony_ci### 1172a8e1175bSopenharmony_ci 1173a8e1175bSopenharmony_ci### Generate basic unencrypted RSA keys 1174a8e1175bSopenharmony_cikeys_rsa_unenc: rsa_pkcs1_1024_clear.pem rsa_pkcs1_2048_clear.pem rsa_pkcs1_4096_clear.pem 1175a8e1175bSopenharmony_ci 1176a8e1175bSopenharmony_ci### Generate PKCS1-encoded encrypted RSA keys 1177a8e1175bSopenharmony_cikeys_rsa_enc_basic: keys_rsa_enc_basic_1024 keys_rsa_enc_basic_2048 keys_rsa_enc_basic_4096 1178a8e1175bSopenharmony_ci 1179a8e1175bSopenharmony_ci### Generate PKCS8-v1 encrypted RSA keys 1180a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v1: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v1_2048 keys_rsa_enc_pkcs8_v1_4096 1181a8e1175bSopenharmony_ci 1182a8e1175bSopenharmony_ci### Generate PKCS8-v2 encrypted RSA keys 1183a8e1175bSopenharmony_cikeys_rsa_enc_pkcs8_v2: keys_rsa_enc_pkcs8_v2_1024 keys_rsa_enc_pkcs8_v2_2048 keys_rsa_enc_pkcs8_v2_4096 keys_rsa_enc_pkcs8_v2_1024_sha224 keys_rsa_enc_pkcs8_v2_2048_sha224 keys_rsa_enc_pkcs8_v2_4096_sha224 keys_rsa_enc_pkcs8_v2_1024_sha256 keys_rsa_enc_pkcs8_v2_2048_sha256 keys_rsa_enc_pkcs8_v2_4096_sha256 keys_rsa_enc_pkcs8_v2_1024_sha384 keys_rsa_enc_pkcs8_v2_2048_sha384 keys_rsa_enc_pkcs8_v2_4096_sha384 keys_rsa_enc_pkcs8_v2_1024_sha512 keys_rsa_enc_pkcs8_v2_2048_sha512 keys_rsa_enc_pkcs8_v2_4096_sha512 1184a8e1175bSopenharmony_ci 1185a8e1175bSopenharmony_ci### Generate all RSA keys 1186a8e1175bSopenharmony_cikeys_rsa_all: keys_rsa_unenc keys_rsa_enc_basic keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2 1187a8e1175bSopenharmony_ci 1188a8e1175bSopenharmony_ci################################################################ 1189a8e1175bSopenharmony_ci#### Generate various EC keys 1190a8e1175bSopenharmony_ci################################################################ 1191a8e1175bSopenharmony_ci 1192a8e1175bSopenharmony_ci### 1193a8e1175bSopenharmony_ci### PKCS8 encoded 1194a8e1175bSopenharmony_ci### 1195a8e1175bSopenharmony_ci 1196a8e1175bSopenharmony_ciec_prv.pk8.der: 1197a8e1175bSopenharmony_ci $(OPENSSL) genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime192v1 -pkeyopt ec_param_enc:named_curve -out $@ -outform DER 1198a8e1175bSopenharmony_ciall_final += ec_prv.pk8.der 1199a8e1175bSopenharmony_ci 1200a8e1175bSopenharmony_ci# ### Instructions for creating `ec_prv.pk8nopub.der`, 1201a8e1175bSopenharmony_ci# ### `ec_prv.pk8nopubparam.der`, and `ec_prv.pk8param.der` by hand from 1202a8e1175bSopenharmony_ci# ### `ec_prv.pk8.der`. 1203a8e1175bSopenharmony_ci# 1204a8e1175bSopenharmony_ci# These instructions assume you are familiar with ASN.1 DER encoding and can 1205a8e1175bSopenharmony_ci# use a hex editor to manipulate DER. 1206a8e1175bSopenharmony_ci# 1207a8e1175bSopenharmony_ci# The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are: 1208a8e1175bSopenharmony_ci# 1209a8e1175bSopenharmony_ci# PrivateKeyInfo ::= SEQUENCE { 1210a8e1175bSopenharmony_ci# version Version, 1211a8e1175bSopenharmony_ci# privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, 1212a8e1175bSopenharmony_ci# privateKey PrivateKey, 1213a8e1175bSopenharmony_ci# attributes [0] IMPLICIT Attributes OPTIONAL 1214a8e1175bSopenharmony_ci# } 1215a8e1175bSopenharmony_ci# 1216a8e1175bSopenharmony_ci# AlgorithmIdentifier ::= SEQUENCE { 1217a8e1175bSopenharmony_ci# algorithm OBJECT IDENTIFIER, 1218a8e1175bSopenharmony_ci# parameters ANY DEFINED BY algorithm OPTIONAL 1219a8e1175bSopenharmony_ci# } 1220a8e1175bSopenharmony_ci# 1221a8e1175bSopenharmony_ci# ECParameters ::= CHOICE { 1222a8e1175bSopenharmony_ci# namedCurve OBJECT IDENTIFIER 1223a8e1175bSopenharmony_ci# -- implicitCurve NULL 1224a8e1175bSopenharmony_ci# -- specifiedCurve SpecifiedECDomain 1225a8e1175bSopenharmony_ci# } 1226a8e1175bSopenharmony_ci# 1227a8e1175bSopenharmony_ci# ECPrivateKey ::= SEQUENCE { 1228a8e1175bSopenharmony_ci# version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), 1229a8e1175bSopenharmony_ci# privateKey OCTET STRING, 1230a8e1175bSopenharmony_ci# parameters [0] ECParameters {{ NamedCurve }} OPTIONAL, 1231a8e1175bSopenharmony_ci# publicKey [1] BIT STRING OPTIONAL 1232a8e1175bSopenharmony_ci# } 1233a8e1175bSopenharmony_ci# 1234a8e1175bSopenharmony_ci# `ec_prv.pk8.der` as generatde above by OpenSSL should have the following 1235a8e1175bSopenharmony_ci# fields: 1236a8e1175bSopenharmony_ci# 1237a8e1175bSopenharmony_ci# * privateKeyAlgorithm namedCurve 1238a8e1175bSopenharmony_ci# * privateKey.parameters NOT PRESENT 1239a8e1175bSopenharmony_ci# * privateKey.publicKey PRESENT 1240a8e1175bSopenharmony_ci# * attributes NOT PRESENT 1241a8e1175bSopenharmony_ci# 1242a8e1175bSopenharmony_ci# # ec_prv.pk8nopub.der 1243a8e1175bSopenharmony_ci# 1244a8e1175bSopenharmony_ci# Take `ec_prv.pk8.der` and remove `privateKey.publicKey`. 1245a8e1175bSopenharmony_ci# 1246a8e1175bSopenharmony_ci# # ec_prv.pk8nopubparam.der 1247a8e1175bSopenharmony_ci# 1248a8e1175bSopenharmony_ci# Take `ec_prv.pk8nopub.der` and add `privateKey.parameters`, the same value as 1249a8e1175bSopenharmony_ci# `privateKeyAlgorithm.namedCurve`. Don't forget to add the explicit tag. 1250a8e1175bSopenharmony_ci# 1251a8e1175bSopenharmony_ci# # ec_prv.pk8param.der 1252a8e1175bSopenharmony_ci# 1253a8e1175bSopenharmony_ci# Take `ec_prv.pk8.der` and add `privateKey.parameters`, the same value as 1254a8e1175bSopenharmony_ci# `privateKeyAlgorithm.namedCurve`. Don't forget to add the explicit tag. 1255a8e1175bSopenharmony_ci 1256a8e1175bSopenharmony_ciec_prv.pk8.pem: ec_prv.pk8.der 1257a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -inform DER -out $@ 1258a8e1175bSopenharmony_ciall_final += ec_prv.pk8.pem 1259a8e1175bSopenharmony_ciec_prv.pk8nopub.pem: ec_prv.pk8nopub.der 1260a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -inform DER -out $@ 1261a8e1175bSopenharmony_ciall_final += ec_prv.pk8nopub.pem 1262a8e1175bSopenharmony_ciec_prv.pk8nopubparam.pem: ec_prv.pk8nopubparam.der 1263a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -inform DER -out $@ 1264a8e1175bSopenharmony_ciall_final += ec_prv.pk8nopubparam.pem 1265a8e1175bSopenharmony_ciec_prv.pk8param.pem: ec_prv.pk8param.der 1266a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -inform DER -out $@ 1267a8e1175bSopenharmony_ciall_final += ec_prv.pk8param.pem 1268a8e1175bSopenharmony_ci 1269a8e1175bSopenharmony_ciec_pub.pem: ec_prv.sec1.der 1270a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -inform DER -outform PEM -pubout -out $@ 1271a8e1175bSopenharmony_ciall_final += ec_pub.pem 1272a8e1175bSopenharmony_ci 1273a8e1175bSopenharmony_ciec_prv.sec1.comp.pem: ec_prv.sec1.pem 1274a8e1175bSopenharmony_ci $(OPENSSL) ec -in $< -out $@ -conv_form compressed 1275a8e1175bSopenharmony_ciall_final += ec_prv.sec1.comp.pem 1276a8e1175bSopenharmony_ci 1277a8e1175bSopenharmony_ciec_224_prv.comp.pem: ec_224_prv.pem 1278a8e1175bSopenharmony_ci $(OPENSSL) ec -in $< -out $@ -conv_form compressed 1279a8e1175bSopenharmony_ciall_final += ec_224_prv.comp.pem 1280a8e1175bSopenharmony_ci 1281a8e1175bSopenharmony_ciec_256_prv.comp.pem: ec_256_prv.pem 1282a8e1175bSopenharmony_ci $(OPENSSL) ec -in $< -out $@ -conv_form compressed 1283a8e1175bSopenharmony_ciall_final += ec_256_prv.comp.pem 1284a8e1175bSopenharmony_ci 1285a8e1175bSopenharmony_ciec_384_prv.comp.pem: ec_384_prv.pem 1286a8e1175bSopenharmony_ci $(OPENSSL) ec -in $< -out $@ -conv_form compressed 1287a8e1175bSopenharmony_ciall_final += ec_384_prv.comp.pem 1288a8e1175bSopenharmony_ci 1289a8e1175bSopenharmony_ciec_521_prv.comp.pem: ec_521_prv.pem 1290a8e1175bSopenharmony_ci $(OPENSSL) ec -in $< -out $@ -conv_form compressed 1291a8e1175bSopenharmony_ciall_final += ec_521_prv.comp.pem 1292a8e1175bSopenharmony_ci 1293a8e1175bSopenharmony_ciec_bp256_prv.comp.pem: ec_bp256_prv.pem 1294a8e1175bSopenharmony_ci $(OPENSSL) ec -in $< -out $@ -conv_form compressed 1295a8e1175bSopenharmony_ciall_final += ec_bp256_prv.comp.pem 1296a8e1175bSopenharmony_ci 1297a8e1175bSopenharmony_ciec_bp384_prv.comp.pem: ec_bp384_prv.pem 1298a8e1175bSopenharmony_ci $(OPENSSL) ec -in $< -out $@ -conv_form compressed 1299a8e1175bSopenharmony_ciall_final += ec_bp384_prv.comp.pem 1300a8e1175bSopenharmony_ci 1301a8e1175bSopenharmony_ciec_bp512_prv.comp.pem: ec_bp512_prv.pem 1302a8e1175bSopenharmony_ci $(OPENSSL) ec -in $< -out $@ -conv_form compressed 1303a8e1175bSopenharmony_ciall_final += ec_bp512_prv.comp.pem 1304a8e1175bSopenharmony_ci 1305a8e1175bSopenharmony_ciec_pub.comp.pem: ec_pub.pem 1306a8e1175bSopenharmony_ci $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed 1307a8e1175bSopenharmony_ciall_final += ec_pub.comp.pem 1308a8e1175bSopenharmony_ci 1309a8e1175bSopenharmony_ciec_224_pub.comp.pem: ec_224_pub.pem 1310a8e1175bSopenharmony_ci $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed 1311a8e1175bSopenharmony_ciall_final += ec_224_pub.comp.pem 1312a8e1175bSopenharmony_ci 1313a8e1175bSopenharmony_ciec_256_pub.comp.pem: ec_256_pub.pem 1314a8e1175bSopenharmony_ci $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed 1315a8e1175bSopenharmony_ciall_final += ec_256_pub.comp.pem 1316a8e1175bSopenharmony_ci 1317a8e1175bSopenharmony_ciec_384_pub.comp.pem: ec_384_pub.pem 1318a8e1175bSopenharmony_ci $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed 1319a8e1175bSopenharmony_ciall_final += ec_384_pub.comp.pem 1320a8e1175bSopenharmony_ci 1321a8e1175bSopenharmony_ciec_521_pub.comp.pem: ec_521_pub.pem 1322a8e1175bSopenharmony_ci $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed 1323a8e1175bSopenharmony_ciall_final += ec_521_pub.comp.pem 1324a8e1175bSopenharmony_ci 1325a8e1175bSopenharmony_ciec_bp256_pub.comp.pem: ec_bp256_pub.pem 1326a8e1175bSopenharmony_ci $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed 1327a8e1175bSopenharmony_ciall_final += ec_bp256_pub.comp.pem 1328a8e1175bSopenharmony_ci 1329a8e1175bSopenharmony_ciec_bp384_pub.comp.pem: ec_bp384_pub.pem 1330a8e1175bSopenharmony_ci $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed 1331a8e1175bSopenharmony_ciall_final += ec_bp384_pub.comp.pem 1332a8e1175bSopenharmony_ci 1333a8e1175bSopenharmony_ciec_bp512_pub.comp.pem: ec_bp512_pub.pem 1334a8e1175bSopenharmony_ci $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed 1335a8e1175bSopenharmony_ciall_final += ec_bp512_pub.comp.pem 1336a8e1175bSopenharmony_ci 1337a8e1175bSopenharmony_ciec_x25519_prv.der: 1338a8e1175bSopenharmony_ci $(OPENSSL) genpkey -algorithm X25519 -out $@ -outform DER 1339a8e1175bSopenharmony_ciall_final += ec_x25519_prv.der 1340a8e1175bSopenharmony_ci 1341a8e1175bSopenharmony_ciec_x25519_pub.der: ec_x25519_prv.der 1342a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -inform DER -out $@ -outform DER -pubout 1343a8e1175bSopenharmony_ciall_final += ec_x25519_pub.der 1344a8e1175bSopenharmony_ci 1345a8e1175bSopenharmony_ciec_x25519_prv.pem: ec_x25519_prv.der 1346a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -inform DER -out $@ 1347a8e1175bSopenharmony_ciall_final += ec_x25519_prv.pem 1348a8e1175bSopenharmony_ci 1349a8e1175bSopenharmony_ciec_x25519_pub.pem: ec_x25519_prv.der 1350a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -inform DER -out $@ -pubout 1351a8e1175bSopenharmony_ciall_final += ec_x25519_pub.pem 1352a8e1175bSopenharmony_ci 1353a8e1175bSopenharmony_ciec_x448_prv.der: 1354a8e1175bSopenharmony_ci $(OPENSSL) genpkey -algorithm X448 -out $@ -outform DER 1355a8e1175bSopenharmony_ciall_final += ec_x448_prv.der 1356a8e1175bSopenharmony_ci 1357a8e1175bSopenharmony_ciec_x448_pub.der: ec_x448_prv.der 1358a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -inform DER -out $@ -outform DER -pubout 1359a8e1175bSopenharmony_ciall_final += ec_x448_pub.der 1360a8e1175bSopenharmony_ci 1361a8e1175bSopenharmony_ciec_x448_prv.pem: ec_x448_prv.der 1362a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -inform DER -out $@ 1363a8e1175bSopenharmony_ciall_final += ec_x448_prv.pem 1364a8e1175bSopenharmony_ci 1365a8e1175bSopenharmony_ciec_x448_pub.pem: ec_x448_prv.der 1366a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -inform DER -out $@ -pubout 1367a8e1175bSopenharmony_ciall_final += ec_x448_pub.pem 1368a8e1175bSopenharmony_ci 1369a8e1175bSopenharmony_ci################################################################ 1370a8e1175bSopenharmony_ci#### Convert PEM keys to DER format 1371a8e1175bSopenharmony_ci################################################################ 1372a8e1175bSopenharmony_ciserver1.pubkey.der: server1.pubkey 1373a8e1175bSopenharmony_ci $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER 1374a8e1175bSopenharmony_ciall_final += server1.pubkey.der 1375a8e1175bSopenharmony_ci 1376a8e1175bSopenharmony_cirsa4096_pub.der: rsa4096_pub.pem 1377a8e1175bSopenharmony_ci $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER 1378a8e1175bSopenharmony_ciall_final += rsa4096_pub.der 1379a8e1175bSopenharmony_ci 1380a8e1175bSopenharmony_ciec_pub.der: ec_pub.pem 1381a8e1175bSopenharmony_ci $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER 1382a8e1175bSopenharmony_ciall_final += ec_pub.der 1383a8e1175bSopenharmony_ci 1384a8e1175bSopenharmony_ciec_521_pub.der: ec_521_pub.pem 1385a8e1175bSopenharmony_ci $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER 1386a8e1175bSopenharmony_ciall_final += ec_521_pub.der 1387a8e1175bSopenharmony_ci 1388a8e1175bSopenharmony_ciec_bp512_pub.der: ec_bp512_pub.pem 1389a8e1175bSopenharmony_ci $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER 1390a8e1175bSopenharmony_ciall_final += ec_bp512_pub.der 1391a8e1175bSopenharmony_ci 1392a8e1175bSopenharmony_ciserver1.key.der: server1.key 1393a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -out $@ -outform DER 1394a8e1175bSopenharmony_ciall_final += server1.key.der 1395a8e1175bSopenharmony_ci 1396a8e1175bSopenharmony_cirsa4096_prv.der: rsa4096_prv.pem 1397a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -out $@ -outform DER 1398a8e1175bSopenharmony_ciall_final += rsa4096_prv.der 1399a8e1175bSopenharmony_ci 1400a8e1175bSopenharmony_ciec_prv.sec1.der: ec_prv.sec1.pem 1401a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -out $@ -outform DER 1402a8e1175bSopenharmony_ciall_final += ec_prv.sec1.der 1403a8e1175bSopenharmony_ci 1404a8e1175bSopenharmony_ciec_256_long_prv.der: ec_256_long_prv.pem 1405a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -out $@ -outform DER 1406a8e1175bSopenharmony_ciall_final += ec_256_long_prv.der 1407a8e1175bSopenharmony_ci 1408a8e1175bSopenharmony_ciec_521_prv.der: ec_521_prv.pem 1409a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -out $@ -outform DER 1410a8e1175bSopenharmony_ciall_final += ec_521_prv.der 1411a8e1175bSopenharmony_ci 1412a8e1175bSopenharmony_ciec_521_short_prv.der: ec_521_short_prv.pem 1413a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -out $@ -outform DER 1414a8e1175bSopenharmony_ciall_final += ec_521_short_prv.der 1415a8e1175bSopenharmony_ci 1416a8e1175bSopenharmony_ciec_bp512_prv.der: ec_bp512_prv.pem 1417a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -out $@ -outform DER 1418a8e1175bSopenharmony_ciall_final += ec_bp512_prv.der 1419a8e1175bSopenharmony_ci 1420a8e1175bSopenharmony_ci################################################################ 1421a8e1175bSopenharmony_ci### Generate CSRs for X.509 write test suite 1422a8e1175bSopenharmony_ci################################################################ 1423a8e1175bSopenharmony_ci 1424a8e1175bSopenharmony_ciparse_input/server1.req.sha1 server1.req.sha1: server1.key 1425a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 1426a8e1175bSopenharmony_ciall_final += server1.req.sha1 1427a8e1175bSopenharmony_ci 1428a8e1175bSopenharmony_ciparse_input/server1.req.md5 server1.req.md5: server1.key 1429a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD5 1430a8e1175bSopenharmony_ciall_final += server1.req.md5 1431a8e1175bSopenharmony_ci 1432a8e1175bSopenharmony_ciparse_input/server1.req.sha224 server1.req.sha224: server1.key 1433a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA224 1434a8e1175bSopenharmony_ciall_final += server1.req.sha224 1435a8e1175bSopenharmony_ci 1436a8e1175bSopenharmony_ciparse_input/server1.req.sha256 server1.req.sha256: server1.key 1437a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA256 1438a8e1175bSopenharmony_ciall_final += server1.req.sha256 1439a8e1175bSopenharmony_ci 1440a8e1175bSopenharmony_ciserver1.req.sha256.ext: server1.key 1441a8e1175bSopenharmony_ci # Generating this with OpenSSL as a comparison point to test we're getting the same result 1442a8e1175bSopenharmony_ci openssl req -new -out $@ -key $< -subj '/C=NL/O=PolarSSL/CN=PolarSSL Server 1' -sha256 -config server1.req.sha256.conf 1443a8e1175bSopenharmony_ci 1444a8e1175bSopenharmony_ciparse_input/server1.req.sha384 server1.req.sha384: server1.key 1445a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA384 1446a8e1175bSopenharmony_ciall_final += server1.req.sha384 1447a8e1175bSopenharmony_ci 1448a8e1175bSopenharmony_ciparse_input/server1.req.sha512 server1.req.sha512: server1.key 1449a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA512 1450a8e1175bSopenharmony_ciall_final += server1.req.sha512 1451a8e1175bSopenharmony_ci 1452a8e1175bSopenharmony_ciserver1.req.cert_type: server1.key 1453a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 1454a8e1175bSopenharmony_ciall_final += server1.req.cert_type 1455a8e1175bSopenharmony_ci 1456a8e1175bSopenharmony_ciserver1.req.key_usage: server1.key 1457a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 1458a8e1175bSopenharmony_ciall_final += server1.req.key_usage 1459a8e1175bSopenharmony_ci 1460a8e1175bSopenharmony_ciserver1.req.ku-ct: server1.key 1461a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 1462a8e1175bSopenharmony_ciall_final += server1.req.ku-ct 1463a8e1175bSopenharmony_ci 1464a8e1175bSopenharmony_ciserver1.req.key_usage_empty: server1.key 1465a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_key_usage=1 1466a8e1175bSopenharmony_ciall_final += server1.req.key_usage_empty 1467a8e1175bSopenharmony_ci 1468a8e1175bSopenharmony_ciserver1.req.cert_type_empty: server1.key 1469a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_ns_cert_type=1 1470a8e1175bSopenharmony_ciall_final += server1.req.cert_type_empty 1471a8e1175bSopenharmony_ci 1472a8e1175bSopenharmony_ciparse_input/server1.req.commas.sha256: server1.key 1473a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL\, Commas,CN=PolarSSL Server 1" md=SHA256 1474a8e1175bSopenharmony_ci 1475a8e1175bSopenharmony_ciparse_input/server1.req.hashsymbol.sha256: server1.key 1476a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=\#PolarSSL,CN=PolarSSL Server 1" md=SHA256 1477a8e1175bSopenharmony_ci 1478a8e1175bSopenharmony_ciparse_input/server1.req.spaces.sha256: server1.key 1479a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O= PolarSSL ,CN=PolarSSL Server 1" md=SHA256 1480a8e1175bSopenharmony_ci 1481a8e1175bSopenharmony_ciparse_input/server1.req.asciichars.sha256: server1.key 1482a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=极地SSL,CN=PolarSSL Server 1" md=SHA256 1483a8e1175bSopenharmony_ci# server2* 1484a8e1175bSopenharmony_ci 1485a8e1175bSopenharmony_ciserver2_pwd_ec = PolarSSLTest 1486a8e1175bSopenharmony_ci 1487a8e1175bSopenharmony_ciserver2.req.sha256: server2.key 1488a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=localhost" md=SHA256 1489a8e1175bSopenharmony_ciall_intermediate += server2.req.sha256 1490a8e1175bSopenharmony_ci 1491a8e1175bSopenharmony_ciparse_input/server2.crt.der: parse_input/server2.crt 1492a8e1175bSopenharmony_ciserver2.crt.der: server2.crt 1493a8e1175bSopenharmony_ciparse_input/server2.crt.der server2.crt.der: 1494a8e1175bSopenharmony_ci $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ 1495a8e1175bSopenharmony_ciall_final += server2.crt.der 1496a8e1175bSopenharmony_ci 1497a8e1175bSopenharmony_ciserver2-sha256.crt.der: server2-sha256.crt 1498a8e1175bSopenharmony_ci $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ 1499a8e1175bSopenharmony_ciall_final += server2-sha256.crt.der 1500a8e1175bSopenharmony_ci 1501a8e1175bSopenharmony_ciserver2.key.der: server2.key 1502a8e1175bSopenharmony_ci $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER 1503a8e1175bSopenharmony_ciall_final += server2.key.der 1504a8e1175bSopenharmony_ci 1505a8e1175bSopenharmony_ciserver2.key.enc: server2.key 1506a8e1175bSopenharmony_ci $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(server2_pwd_ec)" 1507a8e1175bSopenharmony_ciall_final += server2.key.enc 1508a8e1175bSopenharmony_ci 1509a8e1175bSopenharmony_ci# server5* 1510a8e1175bSopenharmony_ci 1511a8e1175bSopenharmony_ciserver5.csr: server5.key 1512a8e1175bSopenharmony_ci $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \ 1513a8e1175bSopenharmony_ci -key $< -out $@ 1514a8e1175bSopenharmony_ciall_intermediate += server5.csr 1515a8e1175bSopenharmony_ciparse_input/server5.crt server5.crt: server5-sha256.crt 1516a8e1175bSopenharmony_ci cp $< $@ 1517a8e1175bSopenharmony_ciall_intermediate += server5-sha256.crt 1518a8e1175bSopenharmony_ciserver5-sha%.crt: server5.csr $(test_ca_crt_file_ec) $(test_ca_key_file_ec) server5.crt.openssl.v3_ext 1519a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \ 1520a8e1175bSopenharmony_ci -extfile server5.crt.openssl.v3_ext -set_serial 9 -days 3650 \ 1521a8e1175bSopenharmony_ci -sha$(@F:server5-sha%.crt=%) -in $< -out $@ 1522a8e1175bSopenharmony_ciall_final += server5.crt server5-sha1.crt server5-sha224.crt server5-sha384.crt server5-sha512.crt 1523a8e1175bSopenharmony_ci 1524a8e1175bSopenharmony_ciserver5-badsign.crt: server5.crt 1525a8e1175bSopenharmony_ci { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ 1526a8e1175bSopenharmony_ciall_final += server5-badsign.crt 1527a8e1175bSopenharmony_ci 1528a8e1175bSopenharmony_ci# The use of 'Server 1' in the DN is intentional here, as the DN is hardcoded in the x509_write test suite.' 1529a8e1175bSopenharmony_ciserver5.req.ku.sha1: server5.key 1530a8e1175bSopenharmony_ci $(OPENSSL) req -key $< -out $@ -new -nodes -subj "/C=NL/O=PolarSSL/CN=PolarSSL Server 1" -sha1 -addext keyUsage=digitalSignature,nonRepudiation 1531a8e1175bSopenharmony_ciall_final += server5.req.ku.sha1 1532a8e1175bSopenharmony_ci 1533a8e1175bSopenharmony_ciserver5.ku-ds.crt: SERVER5_CRT_SERIAL=45 1534a8e1175bSopenharmony_ciserver5.ku-ds.crt: SERVER5_KEY_USAGE=digital_signature 1535a8e1175bSopenharmony_ciserver5.ku-ka.crt: SERVER5_CRT_SERIAL=46 1536a8e1175bSopenharmony_ciserver5.ku-ka.crt: SERVER5_KEY_USAGE=key_agreement 1537a8e1175bSopenharmony_ciserver5.ku-ke.crt: SERVER5_CRT_SERIAL=47 1538a8e1175bSopenharmony_ciserver5.ku-ke.crt: SERVER5_KEY_USAGE=key_encipherment 1539a8e1175bSopenharmony_ciserver5.eku-cs.crt: SERVER5_CRT_SERIAL=58 1540a8e1175bSopenharmony_ciserver5.eku-cs.crt: SERVER5_EXT_KEY_USAGE=codeSigning 1541a8e1175bSopenharmony_ciserver5.eku-cs_any.crt: SERVER5_CRT_SERIAL=59 1542a8e1175bSopenharmony_ciserver5.eku-cs_any.crt: SERVER5_EXT_KEY_USAGE=codeSigning,any 1543a8e1175bSopenharmony_ciserver5.eku-cli.crt: SERVER5_CRT_SERIAL=60 1544a8e1175bSopenharmony_ciserver5.eku-cli.crt: SERVER5_EXT_KEY_USAGE=clientAuth 1545a8e1175bSopenharmony_ciserver5.eku-srv_cli.crt: SERVER5_CRT_SERIAL=61 1546a8e1175bSopenharmony_ciserver5.eku-srv_cli.crt: SERVER5_EXT_KEY_USAGE=serverAuth,clientAuth 1547a8e1175bSopenharmony_ciserver5.eku-srv.crt: SERVER5_CRT_SERIAL=62 1548a8e1175bSopenharmony_ciserver5.eku-srv.crt: SERVER5_EXT_KEY_USAGE=serverAuth 1549a8e1175bSopenharmony_ciserver5.ku-%.crt: SERVER5_EXT_OPTS=key_usage=$(SERVER5_KEY_USAGE) 1550a8e1175bSopenharmony_ciserver5.eku-%.crt: SERVER5_EXT_OPTS=ext_key_usage=$(SERVER5_EXT_KEY_USAGE) 1551a8e1175bSopenharmony_ciserver5.%.crt: server5.key 1552a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) \ 1553a8e1175bSopenharmony_ci subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=$(SERVER5_CRT_SERIAL) \ 1554a8e1175bSopenharmony_ci issuer_crt=$(test_ca_crt_file_ec) issuer_key=$(test_ca_key_file_ec) $(SERVER5_EXT_OPTS) \ 1555a8e1175bSopenharmony_ci not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@ 1556a8e1175bSopenharmony_ciall_final += server5.ku-ka.crt server5.ku-ke.crt server5.ku-ds.crt 1557a8e1175bSopenharmony_ciall_final += server5.eku-cs.crt server5.eku-cs_any.crt server5.eku-cli.crt server5.eku-srv_cli.crt server5.eku-srv.crt 1558a8e1175bSopenharmony_ci 1559a8e1175bSopenharmony_ci# server6* 1560a8e1175bSopenharmony_ci 1561a8e1175bSopenharmony_ciserver6.csr: server6.key 1562a8e1175bSopenharmony_ci $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \ 1563a8e1175bSopenharmony_ci -key $< -out $@ 1564a8e1175bSopenharmony_ciall_intermediate += server6.csr 1565a8e1175bSopenharmony_ciserver6.crt: server6.csr $(test_ca_crt_file_ec) $(test_ca_key_file_ec) 1566a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \ 1567a8e1175bSopenharmony_ci -extfile server5.crt.openssl.v3_ext -set_serial 10 -days 3650 -sha256 -in $< -out $@ 1568a8e1175bSopenharmony_ciall_final += server6.crt 1569a8e1175bSopenharmony_ci 1570a8e1175bSopenharmony_ciserver6-ss-child.csr : server6.key 1571a8e1175bSopenharmony_ci $(OPENSSL) req -new -subj "/CN=selfsigned-child/OU=testing/O=PolarSSL/C=NL" \ 1572a8e1175bSopenharmony_ci -key $< -out $@ 1573a8e1175bSopenharmony_ciall_intermediate += server6-ss-child.csr 1574a8e1175bSopenharmony_ciserver6-ss-child.crt: server6-ss-child.csr server5-selfsigned.crt server5.key server6-ss-child.crt.openssl.v3_ext 1575a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -CA server5-selfsigned.crt -CAkey server5.key \ 1576a8e1175bSopenharmony_ci -extfile server6-ss-child.crt.openssl.v3_ext \ 1577a8e1175bSopenharmony_ci -set_serial 0x53a2cb5822399474a7ec79ec \ 1578a8e1175bSopenharmony_ci -days 3650 -sha256 -in $< -out $@ 1579a8e1175bSopenharmony_ciall_final += server6-ss-child.crt 1580a8e1175bSopenharmony_ci 1581a8e1175bSopenharmony_ci 1582a8e1175bSopenharmony_ci################################################################ 1583a8e1175bSopenharmony_ci### Generate certificates for CRT write check tests 1584a8e1175bSopenharmony_ci################################################################ 1585a8e1175bSopenharmony_ci 1586a8e1175bSopenharmony_ci### The test files use the Mbed TLS generated certificates server1*.crt, 1587a8e1175bSopenharmony_ci### but for comparison with OpenSSL also rules for OpenSSL-generated 1588a8e1175bSopenharmony_ci### certificates server1*.crt.openssl are offered. 1589a8e1175bSopenharmony_ci### 1590a8e1175bSopenharmony_ci### Known differences: 1591a8e1175bSopenharmony_ci### * OpenSSL encodes trailing zero-bits in bit-strings occurring in X.509 extension 1592a8e1175bSopenharmony_ci### as unused bits, while Mbed TLS doesn't. 1593a8e1175bSopenharmony_ci 1594a8e1175bSopenharmony_citest_ca_server1_db = test-ca.server1.db 1595a8e1175bSopenharmony_citest_ca_server1_serial = test-ca.server1.serial 1596a8e1175bSopenharmony_citest_ca_server1_config_file = test-ca.server1.opensslconf 1597a8e1175bSopenharmony_ci 1598a8e1175bSopenharmony_ci# server1* 1599a8e1175bSopenharmony_ci 1600a8e1175bSopenharmony_ciparse_input/server1.crt: parse_input/server1.req.sha256 1601a8e1175bSopenharmony_ciserver1.crt: server1.req.sha256 1602a8e1175bSopenharmony_ciparse_input/server1.crt server1.crt: $(test_ca_crt) $(test_ca_key_file_rsa) 1603a8e1175bSopenharmony_ciparse_input/server1.crt server1.crt: 1604a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=$(@D)/server1.req.sha256 \ 1605a8e1175bSopenharmony_ci issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) \ 1606a8e1175bSopenharmony_ci issuer_pwd=$(test_ca_pwd_rsa) version=1 \ 1607a8e1175bSopenharmony_ci not_before=20190210144406 not_after=20290210144406 \ 1608a8e1175bSopenharmony_ci md=SHA1 version=3 output_file=$@ 1609a8e1175bSopenharmony_ciserver1.allSubjectAltNames.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) 1610a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ san=URI:http://pki.example.com\;IP:1.2.3.4\;DN:C=UK,O="Mbed TLS",CN="SubjectAltName test"\;DNS:example.com\;RFC822:mail@example.com 1611a8e1175bSopenharmony_ciserver1.long_serial.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) 1612a8e1175bSopenharmony_ci echo "112233445566778899aabbccddeeff0011223344" > test-ca.server1.tmp.serial 1613a8e1175bSopenharmony_ci $(OPENSSL) ca -in server1.req.sha256 -key PolarSSLTest -config test-ca.server1.test_serial.opensslconf -notext -batch -out $@ 1614a8e1175bSopenharmony_ciserver1.80serial.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) 1615a8e1175bSopenharmony_ci echo "8011223344" > test-ca.server1.tmp.serial 1616a8e1175bSopenharmony_ci $(OPENSSL) ca -in server1.req.sha256 -key PolarSSLTest -config test-ca.server1.test_serial.opensslconf -notext -batch -out $@ 1617a8e1175bSopenharmony_ciserver1.long_serial_FF.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) 1618a8e1175bSopenharmony_ci echo "ffffffffffffffffffffffffffffffff" > test-ca.server1.tmp.serial 1619a8e1175bSopenharmony_ci $(OPENSSL) ca -in server1.req.sha256 -key PolarSSLTest -config test-ca.server1.test_serial.opensslconf -notext -batch -out $@ 1620a8e1175bSopenharmony_ciserver1.noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) 1621a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 version=3 output_file=$@ 1622a8e1175bSopenharmony_ciparse_input/server1.crt.der: parse_input/server1.crt 1623a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 \ 1624a8e1175bSopenharmony_ci issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) \ 1625a8e1175bSopenharmony_ci issuer_pwd=$(test_ca_pwd_rsa) \ 1626a8e1175bSopenharmony_ci not_before=20190210144406 not_after=20290210144406 \ 1627a8e1175bSopenharmony_ci md=SHA1 authority_identifier=0 version=3 output_file=$@ 1628a8e1175bSopenharmony_ciserver1.der: server1.crt 1629a8e1175bSopenharmony_ci $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ 1630a8e1175bSopenharmony_ciserver1.commas.crt: server1.key parse_input/server1.req.commas.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) 1631a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.commas.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ 1632a8e1175bSopenharmony_ciserver1.hashsymbol.crt: server1.key parse_input/server1.req.hashsymbol.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) 1633a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.hashsymbol.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ 1634a8e1175bSopenharmony_ciserver1.spaces.crt: server1.key parse_input/server1.req.spaces.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) 1635a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.spaces.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ 1636a8e1175bSopenharmony_ciserver1.asciichars.crt: server1.key parse_input/server1.req.asciichars.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) 1637a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.asciichars.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ 1638a8e1175bSopenharmony_ciall_final += server1.crt server1.noauthid.crt parse_input/server1.crt.der server1.commas.crt server1.hashsymbol.crt server1.spaces.crt server1.asciichars.crt 1639a8e1175bSopenharmony_ci 1640a8e1175bSopenharmony_ciparse_input/server1.key_usage.crt: parse_input/server1.req.sha256 1641a8e1175bSopenharmony_ciserver1.key_usage.crt: server1.req.sha256 1642a8e1175bSopenharmony_ciparse_input/server1.key_usage.crt server1.key_usage.crt: $(test_ca_crt) $(test_ca_key_file_rsa) 1643a8e1175bSopenharmony_ciparse_input/server1.key_usage.crt server1.key_usage.crt: 1644a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=$(@D)/server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment version=3 output_file=$@ 1645a8e1175bSopenharmony_ciserver1.key_usage_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) 1646a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment authority_identifier=0 version=3 output_file=$@ 1647a8e1175bSopenharmony_ciserver1.key_usage.der: server1.key_usage.crt 1648a8e1175bSopenharmony_ci $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ 1649a8e1175bSopenharmony_ciall_final += server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.der 1650a8e1175bSopenharmony_ci 1651a8e1175bSopenharmony_ciparse_input/server1.cert_type.crt: parse_input/server1.req.sha256 1652a8e1175bSopenharmony_ciserver1.cert_type.crt: server1.req.sha256 1653a8e1175bSopenharmony_ciparse_input/server1.cert_type.crt server1.cert_type.crt: $(test_ca_crt) $(test_ca_key_file_rsa) 1654a8e1175bSopenharmony_ciparse_input/server1.cert_type.crt server1.cert_type.crt: 1655a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=$(@D)/server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 ns_cert_type=ssl_server version=3 output_file=$@ 1656a8e1175bSopenharmony_ciserver1.cert_type_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) 1657a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 ns_cert_type=ssl_server authority_identifier=0 version=3 output_file=$@ 1658a8e1175bSopenharmony_ciserver1.cert_type.der: server1.cert_type.crt 1659a8e1175bSopenharmony_ci $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ 1660a8e1175bSopenharmony_ciall_final += server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.der 1661a8e1175bSopenharmony_ci 1662a8e1175bSopenharmony_ciserver1.v1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) 1663a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=1 output_file=$@ 1664a8e1175bSopenharmony_ciserver1.v1.der: server1.v1.crt 1665a8e1175bSopenharmony_ci $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ 1666a8e1175bSopenharmony_ciall_final += server1.v1.crt server1.v1.der 1667a8e1175bSopenharmony_ci 1668a8e1175bSopenharmony_ciserver1.ca.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) 1669a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 is_ca=1 version=3 output_file=$@ 1670a8e1175bSopenharmony_ciserver1.ca_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) 1671a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 is_ca=1 version=3 output_file=$@ 1672a8e1175bSopenharmony_ciserver1.ca.der: server1.ca.crt 1673a8e1175bSopenharmony_ci $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ 1674a8e1175bSopenharmony_ciall_final += server1.ca.crt server1.ca_noauthid.crt server1.ca.der 1675a8e1175bSopenharmony_ci 1676a8e1175bSopenharmony_ciserver1-nospace.crt: server1.key test-ca.crt 1677a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) subject_key=$< serial=31\ 1678a8e1175bSopenharmony_ci subject_name="C=NL,O=PolarSSL,CN=polarssl.example" \ 1679a8e1175bSopenharmony_ci issuer_crt=test-ca.crt issuer_key=$(test_ca_key_file_rsa) \ 1680a8e1175bSopenharmony_ci issuer_pwd=$(test_ca_pwd_rsa) \ 1681a8e1175bSopenharmony_ci not_before=20190210144406 not_after=20290210144406 \ 1682a8e1175bSopenharmony_ci md=SHA256 version=3 authority_identifier=1 \ 1683a8e1175bSopenharmony_ci output_file=$@ 1684a8e1175bSopenharmony_ciall_final += server1-nospace.crt 1685a8e1175bSopenharmony_ci 1686a8e1175bSopenharmony_ciserver1_ca.crt: server1.crt $(test_ca_crt) 1687a8e1175bSopenharmony_ci cat server1.crt $(test_ca_crt) > $@ 1688a8e1175bSopenharmony_ciall_final += server1_ca.crt 1689a8e1175bSopenharmony_ci 1690a8e1175bSopenharmony_ciparse_input/cert_sha1.crt cert_sha1.crt: server1.key 1691a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1" serial=7 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ 1692a8e1175bSopenharmony_ciall_final += cert_sha1.crt 1693a8e1175bSopenharmony_ci 1694a8e1175bSopenharmony_ciparse_input/cert_sha224.crt cert_sha224.crt: server1.key 1695a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224" serial=8 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA224 version=3 output_file=$@ 1696a8e1175bSopenharmony_ciall_final += cert_sha224.crt 1697a8e1175bSopenharmony_ci 1698a8e1175bSopenharmony_ciparse_input/cert_sha256.crt cert_sha256.crt: server1.key 1699a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256" serial=9 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@ 1700a8e1175bSopenharmony_ciall_final += cert_sha256.crt 1701a8e1175bSopenharmony_ci 1702a8e1175bSopenharmony_ciparse_input/cert_sha384.crt cert_sha384.crt: server1.key 1703a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384" serial=10 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA384 version=3 output_file=$@ 1704a8e1175bSopenharmony_ciall_final += cert_sha384.crt 1705a8e1175bSopenharmony_ci 1706a8e1175bSopenharmony_ciparse_input/cert_sha512.crt cert_sha512.crt: server1.key 1707a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512" serial=11 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA512 version=3 output_file=$@ 1708a8e1175bSopenharmony_ciall_final += cert_sha512.crt 1709a8e1175bSopenharmony_ci 1710a8e1175bSopenharmony_cicert_example_wildcard.crt: server1.key 1711a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=*.example.com" serial=12 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ 1712a8e1175bSopenharmony_ciall_final += cert_example_wildcard.crt 1713a8e1175bSopenharmony_ci 1714a8e1175bSopenharmony_ci# OpenSSL-generated certificates for comparison 1715a8e1175bSopenharmony_ci# Also provide certificates in DER format to allow 1716a8e1175bSopenharmony_ci# direct binary comparison using e.g. dumpasn1 1717a8e1175bSopenharmony_ciserver1.crt.openssl server1.key_usage.crt.openssl server1.cert_type.crt.openssl: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file) 1718a8e1175bSopenharmony_ci echo "01" > $(test_ca_server1_serial) 1719a8e1175bSopenharmony_ci rm -f $(test_ca_server1_db) 1720a8e1175bSopenharmony_ci touch $(test_ca_server1_db) 1721a8e1175bSopenharmony_ci $(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.req.sha256 -extensions v3_ext -extfile $@.v3_ext -out $@ 1722a8e1175bSopenharmony_ciserver1.der.openssl: server1.crt.openssl 1723a8e1175bSopenharmony_ci $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ 1724a8e1175bSopenharmony_ciserver1.key_usage.der.openssl: server1.key_usage.crt.openssl 1725a8e1175bSopenharmony_ci $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ 1726a8e1175bSopenharmony_ciserver1.cert_type.der.openssl: server1.cert_type.crt.openssl 1727a8e1175bSopenharmony_ci $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ 1728a8e1175bSopenharmony_ci 1729a8e1175bSopenharmony_ciserver1.v1.crt.openssl: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file) 1730a8e1175bSopenharmony_ci echo "01" > $(test_ca_server1_serial) 1731a8e1175bSopenharmony_ci rm -f $(test_ca_server1_db) 1732a8e1175bSopenharmony_ci touch $(test_ca_server1_db) 1733a8e1175bSopenharmony_ci $(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.req.sha256 -out $@ 1734a8e1175bSopenharmony_ciserver1.v1.der.openssl: server1.v1.crt.openssl 1735a8e1175bSopenharmony_ci $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ 1736a8e1175bSopenharmony_ci 1737a8e1175bSopenharmony_ci# To revoke certificate in the openssl database: 1738a8e1175bSopenharmony_ci# 1739a8e1175bSopenharmony_ci# $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_server1_config_file) -md sha256 -crldays 365 -revoke server1.crt 1740a8e1175bSopenharmony_ci 1741a8e1175bSopenharmony_cicrl.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) 1742a8e1175bSopenharmony_ci $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_server1_config_file) -md sha1 -crldays 3653 -out $@ 1743a8e1175bSopenharmony_ci 1744a8e1175bSopenharmony_cicrl-futureRevocationDate.pem: $(test_ca_crt) $(test_ca_key_file_rsa) \ 1745a8e1175bSopenharmony_ci $(test_ca_config_file) \ 1746a8e1175bSopenharmony_ci test-ca.server1.future-crl.db \ 1747a8e1175bSopenharmony_ci test-ca.server1.future-crl.opensslconf 1748a8e1175bSopenharmony_ci $(FAKETIME) -f '+10y' $(OPENSSL) ca -gencrl \ 1749a8e1175bSopenharmony_ci -config test-ca.server1.future-crl.opensslconf -crldays 365 \ 1750a8e1175bSopenharmony_ci -passin "pass:$(test_ca_pwd_rsa)" -out $@ 1751a8e1175bSopenharmony_ci 1752a8e1175bSopenharmony_ciserver1_all: crl.pem crl-futureRevocationDate.pem server1.crt server1.noauthid.crt server1.crt.openssl server1.v1.crt server1.v1.crt.openssl server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.crt.openssl server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.crt.openssl server1.der server1.der.openssl server1.v1.der server1.v1.der.openssl server1.key_usage.der server1.key_usage.der.openssl server1.cert_type.der server1.cert_type.der.openssl 1753a8e1175bSopenharmony_ci 1754a8e1175bSopenharmony_ci# server2* 1755a8e1175bSopenharmony_ci 1756a8e1175bSopenharmony_ciparse_input/server2.crt server2.crt: server2.req.sha256 1757a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ 1758a8e1175bSopenharmony_ciall_final += server2.crt 1759a8e1175bSopenharmony_ci 1760a8e1175bSopenharmony_ciserver2.der: server2.crt 1761a8e1175bSopenharmony_ci $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ 1762a8e1175bSopenharmony_ciall_final += server2.crt server2.der 1763a8e1175bSopenharmony_ci 1764a8e1175bSopenharmony_ciserver2-sha256.crt: server2.req.sha256 1765a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@ 1766a8e1175bSopenharmony_ciall_final += server2-sha256.crt 1767a8e1175bSopenharmony_ci 1768a8e1175bSopenharmony_ciserver2.ku-ka.crt: SERVER2_CRT_SERIAL=42 1769a8e1175bSopenharmony_ciserver2.ku-ka.crt: SERVER2_KEY_USAGE=key_agreement 1770a8e1175bSopenharmony_ciserver2.ku-ke.crt: SERVER2_CRT_SERIAL=43 1771a8e1175bSopenharmony_ciserver2.ku-ke.crt: SERVER2_KEY_USAGE=key_encipherment 1772a8e1175bSopenharmony_ciserver2.ku-ds.crt: SERVER2_CRT_SERIAL=44 1773a8e1175bSopenharmony_ciserver2.ku-ds.crt: SERVER2_KEY_USAGE=digital_signature 1774a8e1175bSopenharmony_ciserver2.ku-ds_ke.crt: SERVER2_CRT_SERIAL=48 1775a8e1175bSopenharmony_ciserver2.ku-ds_ke.crt: SERVER2_KEY_USAGE=digital_signature,key_encipherment 1776a8e1175bSopenharmony_ciserver2.ku-%.crt: server2.req.sha256 1777a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=$(SERVER2_CRT_SERIAL) \ 1778a8e1175bSopenharmony_ci issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \ 1779a8e1175bSopenharmony_ci key_usage="$(SERVER2_KEY_USAGE)" \ 1780a8e1175bSopenharmony_ci not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ 1781a8e1175bSopenharmony_ciall_final += server2.ku-ka.crt server2.ku-ke.crt server2.ku-ds.crt server2.ku-ds_ke.crt 1782a8e1175bSopenharmony_ci 1783a8e1175bSopenharmony_ciserver2-badsign.crt: server2.crt 1784a8e1175bSopenharmony_ci { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ 1785a8e1175bSopenharmony_ciall_final += server2-badsign.crt 1786a8e1175bSopenharmony_ci 1787a8e1175bSopenharmony_ci# server3* 1788a8e1175bSopenharmony_ci 1789a8e1175bSopenharmony_ciparse_input/server3.crt server3.crt: server3.key 1790a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=13 \ 1791a8e1175bSopenharmony_ci issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \ 1792a8e1175bSopenharmony_ci not_before=20190210144406 not_after=20290210144406 \ 1793a8e1175bSopenharmony_ci md=SHA1 version=3 output_file=$@ 1794a8e1175bSopenharmony_ciall_final += server3.crt 1795a8e1175bSopenharmony_ci 1796a8e1175bSopenharmony_ci# server4* 1797a8e1175bSopenharmony_ci 1798a8e1175bSopenharmony_ciparse_input/server4.crt server4.crt: server4.key 1799a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=8 \ 1800a8e1175bSopenharmony_ci issuer_crt=$(test_ca_crt_file_ec) issuer_key=$(test_ca_key_file_ec) \ 1801a8e1175bSopenharmony_ci not_before=20190210144400 not_after=20290210144400 \ 1802a8e1175bSopenharmony_ci md=SHA256 version=3 output_file=$@ 1803a8e1175bSopenharmony_ciall_final += server4.crt 1804a8e1175bSopenharmony_ci 1805a8e1175bSopenharmony_ci# MD5 test certificate 1806a8e1175bSopenharmony_ci 1807a8e1175bSopenharmony_cicert_md_test_key = $(cli_crt_key_file_rsa) 1808a8e1175bSopenharmony_ci 1809a8e1175bSopenharmony_cicert_md5.csr: $(cert_md_test_key) 1810a8e1175bSopenharmony_ci $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD5" md=MD5 1811a8e1175bSopenharmony_ciall_intermediate += cert_md5.csr 1812a8e1175bSopenharmony_ci 1813a8e1175bSopenharmony_ciparse_input/cert_md5.crt cert_md5.crt: cert_md5.csr 1814a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) request_file=$< serial=6 \ 1815a8e1175bSopenharmony_ci issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) \ 1816a8e1175bSopenharmony_ci issuer_pwd=$(test_ca_pwd_rsa) \ 1817a8e1175bSopenharmony_ci not_before=20000101121212 not_after=20300101121212 \ 1818a8e1175bSopenharmony_ci md=MD5 version=3 output_file=$@ 1819a8e1175bSopenharmony_ciall_final += cert_md5.crt 1820a8e1175bSopenharmony_ci 1821a8e1175bSopenharmony_ci# TLSv1.3 test certificates 1822a8e1175bSopenharmony_ciecdsa_secp256r1.key: ec_256_prv.pem 1823a8e1175bSopenharmony_ci cp $< $@ 1824a8e1175bSopenharmony_ci 1825a8e1175bSopenharmony_ciecdsa_secp256r1.csr: ecdsa_secp256r1.key 1826a8e1175bSopenharmony_ci $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \ 1827a8e1175bSopenharmony_ci -key $< -out $@ 1828a8e1175bSopenharmony_ciall_intermediate += ecdsa_secp256r1.csr 1829a8e1175bSopenharmony_ciecdsa_secp256r1.crt: ecdsa_secp256r1.csr 1830a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \ 1831a8e1175bSopenharmony_ci -set_serial 77 -days 3653 -sha384 -in $< -out $@ 1832a8e1175bSopenharmony_ciall_final += ecdsa_secp256r1.crt ecdsa_secp256r1.key 1833a8e1175bSopenharmony_citls13_certs: ecdsa_secp256r1.crt ecdsa_secp256r1.key 1834a8e1175bSopenharmony_ci 1835a8e1175bSopenharmony_ciecdsa_secp384r1.key: ec_384_prv.pem 1836a8e1175bSopenharmony_ci cp $< $@ 1837a8e1175bSopenharmony_ciecdsa_secp384r1.csr: ecdsa_secp384r1.key 1838a8e1175bSopenharmony_ci $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \ 1839a8e1175bSopenharmony_ci -key $< -out $@ 1840a8e1175bSopenharmony_ciall_intermediate += ecdsa_secp384r1.csr 1841a8e1175bSopenharmony_ciecdsa_secp384r1.crt: ecdsa_secp384r1.csr 1842a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \ 1843a8e1175bSopenharmony_ci -set_serial 77 -days 3653 -sha384 -in $< -out $@ 1844a8e1175bSopenharmony_ciall_final += ecdsa_secp384r1.crt ecdsa_secp384r1.key 1845a8e1175bSopenharmony_citls13_certs: ecdsa_secp384r1.crt ecdsa_secp384r1.key 1846a8e1175bSopenharmony_ci 1847a8e1175bSopenharmony_ciecdsa_secp521r1.key: ec_521_prv.pem 1848a8e1175bSopenharmony_ci cp $< $@ 1849a8e1175bSopenharmony_ciecdsa_secp521r1.csr: ecdsa_secp521r1.key 1850a8e1175bSopenharmony_ci $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \ 1851a8e1175bSopenharmony_ci -key $< -out $@ 1852a8e1175bSopenharmony_ciall_intermediate += ecdsa_secp521r1.csr 1853a8e1175bSopenharmony_ciecdsa_secp521r1.crt: ecdsa_secp521r1.csr 1854a8e1175bSopenharmony_ci $(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \ 1855a8e1175bSopenharmony_ci -set_serial 77 -days 3653 -sha384 -in $< -out $@ 1856a8e1175bSopenharmony_ciall_final += ecdsa_secp521r1.crt ecdsa_secp521r1.key 1857a8e1175bSopenharmony_citls13_certs: ecdsa_secp521r1.crt ecdsa_secp521r1.key 1858a8e1175bSopenharmony_ci 1859a8e1175bSopenharmony_ci# PKCS7 test data 1860a8e1175bSopenharmony_cipkcs7_test_cert_1 = pkcs7-rsa-sha256-1.crt 1861a8e1175bSopenharmony_cipkcs7_test_cert_2 = pkcs7-rsa-sha256-2.crt 1862a8e1175bSopenharmony_cipkcs7_test_cert_3 = pkcs7-rsa-sha256-3.crt 1863a8e1175bSopenharmony_cipkcs7_test_file = pkcs7_data.bin 1864a8e1175bSopenharmony_ci 1865a8e1175bSopenharmony_ci$(pkcs7_test_file): 1866a8e1175bSopenharmony_ci printf "Hello\15\n" > $@ 1867a8e1175bSopenharmony_ciall_final += $(pkcs7_test_file) 1868a8e1175bSopenharmony_ci 1869a8e1175bSopenharmony_cipkcs7_zerolendata.bin: 1870a8e1175bSopenharmony_ci printf '' > $@ 1871a8e1175bSopenharmony_ciall_final += pkcs7_zerolendata.bin 1872a8e1175bSopenharmony_ci 1873a8e1175bSopenharmony_cipkcs7_data_1.bin: 1874a8e1175bSopenharmony_ci printf "2\15\n" > $@ 1875a8e1175bSopenharmony_ciall_final += pkcs7_data_1.bin 1876a8e1175bSopenharmony_ci 1877a8e1175bSopenharmony_ci# Generate signing cert 1878a8e1175bSopenharmony_cipkcs7-rsa-sha256-1.crt: 1879a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -subj="/C=NL/O=PKCS7/CN=PKCS7 Cert 1" -sha256 -nodes -days 3653 -newkey rsa:2048 -keyout pkcs7-rsa-sha256-1.key -out pkcs7-rsa-sha256-1.crt 1880a8e1175bSopenharmony_ci cat pkcs7-rsa-sha256-1.crt pkcs7-rsa-sha256-1.key > pkcs7-rsa-sha256-1.pem 1881a8e1175bSopenharmony_ciall_final += pkcs7-rsa-sha256-1.crt 1882a8e1175bSopenharmony_ci 1883a8e1175bSopenharmony_cipkcs7-rsa-sha256-2.crt: 1884a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -subj="/C=NL/O=PKCS7/CN=PKCS7 Cert 2" -sha256 -nodes -days 3653 -newkey rsa:2048 -keyout pkcs7-rsa-sha256-2.key -out pkcs7-rsa-sha256-2.crt 1885a8e1175bSopenharmony_ci cat pkcs7-rsa-sha256-2.crt pkcs7-rsa-sha256-2.key > pkcs7-rsa-sha256-2.pem 1886a8e1175bSopenharmony_ciall_final += pkcs7-rsa-sha256-2.crt 1887a8e1175bSopenharmony_ci 1888a8e1175bSopenharmony_cipkcs7-rsa-sha256-3.crt: 1889a8e1175bSopenharmony_ci $(OPENSSL) req -x509 -subj="/C=NL/O=PKCS7/CN=PKCS7 Cert 3" -sha256 -nodes -days 3653 -newkey rsa:2048 -keyout pkcs7-rsa-sha256-3.key -out pkcs7-rsa-sha256-3.crt 1890a8e1175bSopenharmony_ci cat pkcs7-rsa-sha256-3.crt pkcs7-rsa-sha256-3.key > pkcs7-rsa-sha256-3.pem 1891a8e1175bSopenharmony_ciall_final += pkcs7-rsa-sha256-3.crt 1892a8e1175bSopenharmony_ci 1893a8e1175bSopenharmony_cipkcs7-rsa-expired.crt: 1894a8e1175bSopenharmony_ci $(FAKETIME) -f -3650d $(OPENSSL) req -x509 -subj="/C=NL/O=PKCS7/CN=PKCS7 Cert Expired" -sha256 -nodes -days 365 -newkey rsa:2048 -keyout pkcs7-rsa-expired.key -out pkcs7-rsa-expired.crt 1895a8e1175bSopenharmony_ciall_final += pkcs7-rsa-expired.crt 1896a8e1175bSopenharmony_ci 1897a8e1175bSopenharmony_ci# File with an otherwise valid signature signed with an expired cert 1898a8e1175bSopenharmony_cipkcs7_data_rsa_expired.der: pkcs7-rsa-expired.key pkcs7-rsa-expired.crt pkcs7_data.bin 1899a8e1175bSopenharmony_ci $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -inkey pkcs7-rsa-expired.key -signer pkcs7-rsa-expired.crt -noattr -outform DER -out $@ 1900a8e1175bSopenharmony_ciall_final += pkcs7_data_rsa_expired.der 1901a8e1175bSopenharmony_ci 1902a8e1175bSopenharmony_ci# Convert signing certs to DER for testing PEM-free builds 1903a8e1175bSopenharmony_cipkcs7-rsa-sha256-1.der: $(pkcs7_test_cert_1) 1904a8e1175bSopenharmony_ci $(OPENSSL) x509 -in pkcs7-rsa-sha256-1.crt -out $@ -outform DER 1905a8e1175bSopenharmony_ciall_final += pkcs7-rsa-sha256-1.der 1906a8e1175bSopenharmony_ci 1907a8e1175bSopenharmony_cipkcs7-rsa-sha256-2.der: $(pkcs7_test_cert_2) 1908a8e1175bSopenharmony_ci $(OPENSSL) x509 -in pkcs7-rsa-sha256-2.crt -out $@ -outform DER 1909a8e1175bSopenharmony_ciall_final += pkcs7-rsa-sha256-2.der 1910a8e1175bSopenharmony_ci 1911a8e1175bSopenharmony_cipkcs7-rsa-expired.der: pkcs7-rsa-expired.crt 1912a8e1175bSopenharmony_ci $(OPENSSL) x509 -in pkcs7-rsa-expired.crt -out $@ -outform DER 1913a8e1175bSopenharmony_ciall_final += pkcs7-rsa-expired.der 1914a8e1175bSopenharmony_ci 1915a8e1175bSopenharmony_ci# pkcs7 signature file over zero-len data 1916a8e1175bSopenharmony_cipkcs7_zerolendata_detached.der: pkcs7_zerolendata.bin pkcs7-rsa-sha256-1.key pkcs7-rsa-sha256-1.crt 1917a8e1175bSopenharmony_ci $(OPENSSL) smime -sign -md sha256 -nocerts -noattr -in pkcs7_zerolendata.bin -inkey pkcs7-rsa-sha256-1.key -outform DER -binary -signer pkcs7-rsa-sha256-1.crt -out pkcs7_zerolendata_detached.der 1918a8e1175bSopenharmony_ciall_final += pkcs7_zerolendata_detached.der 1919a8e1175bSopenharmony_ci 1920a8e1175bSopenharmony_ci# pkcs7 signature file with CERT 1921a8e1175bSopenharmony_cipkcs7_data_cert_signed_sha256.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) 1922a8e1175bSopenharmony_ci $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@ 1923a8e1175bSopenharmony_ciall_final += pkcs7_data_cert_signed_sha256.der 1924a8e1175bSopenharmony_ci 1925a8e1175bSopenharmony_ci# pkcs7 signature file with CERT and sha1 1926a8e1175bSopenharmony_cipkcs7_data_cert_signed_sha1.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) 1927a8e1175bSopenharmony_ci $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha1 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@ 1928a8e1175bSopenharmony_ciall_final += pkcs7_data_cert_signed_sha1.der 1929a8e1175bSopenharmony_ci 1930a8e1175bSopenharmony_ci# pkcs7 signature file with CERT and sha512 1931a8e1175bSopenharmony_cipkcs7_data_cert_signed_sha512.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) 1932a8e1175bSopenharmony_ci $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha512 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@ 1933a8e1175bSopenharmony_ciall_final += pkcs7_data_cert_signed_sha512.der 1934a8e1175bSopenharmony_ci 1935a8e1175bSopenharmony_ci# pkcs7 signature file without CERT 1936a8e1175bSopenharmony_cipkcs7_data_without_cert_signed.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) 1937a8e1175bSopenharmony_ci $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -nocerts -noattr -outform DER -out $@ 1938a8e1175bSopenharmony_ciall_final += pkcs7_data_without_cert_signed.der 1939a8e1175bSopenharmony_ci 1940a8e1175bSopenharmony_ci# pkcs7 signature file with signature 1941a8e1175bSopenharmony_cipkcs7_data_with_signature.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) 1942a8e1175bSopenharmony_ci $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -nocerts -noattr -nodetach -outform DER -out $@ 1943a8e1175bSopenharmony_ciall_final += pkcs7_data_with_signature.der 1944a8e1175bSopenharmony_ci 1945a8e1175bSopenharmony_ci# pkcs7 signature file with two signers 1946a8e1175bSopenharmony_cipkcs7_data_multiple_signed.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) $(pkcs7_test_cert_2) 1947a8e1175bSopenharmony_ci $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -signer pkcs7-rsa-sha256-2.pem -nocerts -noattr -outform DER -out $@ 1948a8e1175bSopenharmony_ciall_final += pkcs7_data_multiple_signed.der 1949a8e1175bSopenharmony_ci 1950a8e1175bSopenharmony_ci# pkcs7 signature file with three signers 1951a8e1175bSopenharmony_cipkcs7_data_3_signed.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) $(pkcs7_test_cert_2) $(pkcs7_test_cert_3) 1952a8e1175bSopenharmony_ci $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -signer pkcs7-rsa-sha256-2.pem -signer pkcs7-rsa-sha256-3.pem -nocerts -noattr -outform DER -out $@ 1953a8e1175bSopenharmony_ciall_final += pkcs7_data_3_signed.der 1954a8e1175bSopenharmony_ci 1955a8e1175bSopenharmony_ci# pkcs7 signature file with multiple certificates 1956a8e1175bSopenharmony_cipkcs7_data_multiple_certs_signed.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) $(pkcs7_test_cert_2) 1957a8e1175bSopenharmony_ci $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -signer pkcs7-rsa-sha256-2.pem -noattr -outform DER -out $@ 1958a8e1175bSopenharmony_ciall_final += pkcs7_data_multiple_certs_signed.der 1959a8e1175bSopenharmony_ci 1960a8e1175bSopenharmony_ci# pkcs7 signature file with corrupted CERT 1961a8e1175bSopenharmony_cipkcs7_data_signed_badcert.der: pkcs7_data_cert_signed_sha256.der 1962a8e1175bSopenharmony_ci cp pkcs7_data_cert_signed_sha256.der $@ 1963a8e1175bSopenharmony_ci echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=547 conv=notrunc 1964a8e1175bSopenharmony_ciall_final += pkcs7_data_signed_badcert.der 1965a8e1175bSopenharmony_ci 1966a8e1175bSopenharmony_ci# pkcs7 signature file with corrupted signer info 1967a8e1175bSopenharmony_cipkcs7_data_signed_badsigner.der: pkcs7_data_cert_signed_sha256.der 1968a8e1175bSopenharmony_ci cp pkcs7_data_cert_signed_sha256.der $@ 1969a8e1175bSopenharmony_ci echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=918 conv=notrunc 1970a8e1175bSopenharmony_ciall_final += pkcs7_data_signed_badsigner.der 1971a8e1175bSopenharmony_ci 1972a8e1175bSopenharmony_ci# pkcs7 signature file with invalid tag in signerInfo[1].serial after long issuer name 1973a8e1175bSopenharmony_cipkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der: pkcs7_data_multiple_signed.der 1974a8e1175bSopenharmony_ci cp $< $@ 1975a8e1175bSopenharmony_ci echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=498 conv=notrunc 1976a8e1175bSopenharmony_ciall_final += pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der 1977a8e1175bSopenharmony_ci 1978a8e1175bSopenharmony_ci# pkcs7 signature file with invalid tag in signerInfo[2] 1979a8e1175bSopenharmony_cipkcs7_signerInfo_2_invalid_tag.der: pkcs7_data_3_signed.der 1980a8e1175bSopenharmony_ci cp $< $@ 1981a8e1175bSopenharmony_ci echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=810 conv=notrunc 1982a8e1175bSopenharmony_ciall_final += pkcs7_signerInfo_2_invalid_tag.der 1983a8e1175bSopenharmony_ci 1984a8e1175bSopenharmony_ci# pkcs7 signature file with corrupted signer info[1] 1985a8e1175bSopenharmony_cipkcs7_data_signed_badsigner1_badsize.der: pkcs7_data_3_signed.der 1986a8e1175bSopenharmony_ci cp pkcs7_data_3_signed.der $@ 1987a8e1175bSopenharmony_ci echo '72' | xxd -p -r | dd of=$@ bs=1 seek=438 conv=notrunc 1988a8e1175bSopenharmony_ciall_final += pkcs7_data_signed_badsigner1_badsize.der 1989a8e1175bSopenharmony_ci 1990a8e1175bSopenharmony_cipkcs7_data_signed_badsigner1_badtag.der: pkcs7_data_3_signed.der 1991a8e1175bSopenharmony_ci cp pkcs7_data_3_signed.der $@ 1992a8e1175bSopenharmony_ci echo 'a1' | xxd -p -r | dd of=$@ bs=1 seek=442 conv=notrunc 1993a8e1175bSopenharmony_ciall_final += pkcs7_data_signed_badsigner1_badtag.der 1994a8e1175bSopenharmony_ci 1995a8e1175bSopenharmony_cipkcs7_data_signed_badsigner1_fuzzbad.der: pkcs7_data_3_signed.der 1996a8e1175bSopenharmony_ci cp pkcs7_data_3_signed.der $@ 1997a8e1175bSopenharmony_ci echo 'a1' | xxd -p -r | dd of=$@ bs=1 seek=550 conv=notrunc 1998a8e1175bSopenharmony_ciall_final += pkcs7_data_signed_badsigner1_fuzzbad.der 1999a8e1175bSopenharmony_ci 2000a8e1175bSopenharmony_ci# pkcs7 signature file with corrupted signer info[2] 2001a8e1175bSopenharmony_cipkcs7_data_signed_badsigner2_badsize.der: pkcs7_data_3_signed.der 2002a8e1175bSopenharmony_ci cp pkcs7_data_3_signed.der $@ 2003a8e1175bSopenharmony_ci echo '72'| xxd -p -r | dd of=$@ bs=1 seek=813 conv=notrunc 2004a8e1175bSopenharmony_ciall_final += pkcs7_data_signed_badsigner2_badsize.der 2005a8e1175bSopenharmony_ci 2006a8e1175bSopenharmony_cipkcs7_data_signed_badsigner2_badtag.der: pkcs7_data_3_signed.der 2007a8e1175bSopenharmony_ci cp pkcs7_data_3_signed.der $@ 2008a8e1175bSopenharmony_ci echo 'a1'| xxd -p -r | dd of=$@ bs=1 seek=817 conv=notrunc 2009a8e1175bSopenharmony_ciall_final += pkcs7_data_signed_badsigner2_badtag.der 2010a8e1175bSopenharmony_ci 2011a8e1175bSopenharmony_cipkcs7_data_signed_badsigner2_fuzzbad.der: pkcs7_data_3_signed.der 2012a8e1175bSopenharmony_ci cp pkcs7_data_3_signed.der $@ 2013a8e1175bSopenharmony_ci echo 'a1'| xxd -p -r | dd of=$@ bs=1 seek=925 conv=notrunc 2014a8e1175bSopenharmony_ciall_final += pkcs7_data_signed_badsigner2_fuzzbad.der 2015a8e1175bSopenharmony_ci 2016a8e1175bSopenharmony_ci# pkcs7 file with version 2 2017a8e1175bSopenharmony_cipkcs7_data_cert_signed_v2.der: pkcs7_data_cert_signed_sha256.der 2018a8e1175bSopenharmony_ci cp pkcs7_data_cert_signed_sha256.der $@ 2019a8e1175bSopenharmony_ci echo '02' | xxd -r -p | dd of=$@ bs=1 seek=25 conv=notrunc 2020a8e1175bSopenharmony_ciall_final += pkcs7_data_cert_signed_v2.der 2021a8e1175bSopenharmony_ci 2022a8e1175bSopenharmony_cipkcs7_data_cert_encrypted.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) 2023a8e1175bSopenharmony_ci $(OPENSSL) smime -encrypt -aes256 -in pkcs7_data.bin -binary -outform DER -out $@ pkcs7-rsa-sha256-1.crt 2024a8e1175bSopenharmony_ciall_final += pkcs7_data_cert_encrypted.der 2025a8e1175bSopenharmony_ci 2026a8e1175bSopenharmony_ci## Negative tests 2027a8e1175bSopenharmony_ci# For some interesting sizes, what happens if we make them off-by-one? 2028a8e1175bSopenharmony_cipkcs7_signerInfo_issuer_invalid_size.der: pkcs7_data_cert_signed_sha256.der 2029a8e1175bSopenharmony_ci cp $< $@ 2030a8e1175bSopenharmony_ci echo '35' | xxd -r -p | dd of=$@ seek=919 bs=1 conv=notrunc 2031a8e1175bSopenharmony_ciall_final += pkcs7_signerInfo_issuer_invalid_size.der 2032a8e1175bSopenharmony_ci 2033a8e1175bSopenharmony_cipkcs7_signerInfo_serial_invalid_size.der: pkcs7_data_cert_signed_sha256.der 2034a8e1175bSopenharmony_ci cp $< $@ 2035a8e1175bSopenharmony_ci echo '15' | xxd -r -p | dd of=$@ seek=973 bs=1 conv=notrunc 2036a8e1175bSopenharmony_ciall_final += pkcs7_signerInfo_serial_invalid_size.der 2037a8e1175bSopenharmony_ci 2038a8e1175bSopenharmony_ci# pkcs7 signature file just with signed data 2039a8e1175bSopenharmony_cipkcs7_data_cert_signeddata_sha256.der: pkcs7_data_cert_signed_sha256.der 2040a8e1175bSopenharmony_ci dd if=pkcs7_data_cert_signed_sha256.der of=$@ skip=19 bs=1 2041a8e1175bSopenharmony_ciall_final += pkcs7_data_cert_signeddata_sha256.der 2042a8e1175bSopenharmony_ci 2043a8e1175bSopenharmony_ci# - test-ca-v1.crt: v1 "CA", signs 2044a8e1175bSopenharmony_ci# server1-v1.crt: v1 "intermediate CA", signs 2045a8e1175bSopenharmony_ci# server2-v1*.crt: EE cert (without of with chain in same file) 2046a8e1175bSopenharmony_ci 2047a8e1175bSopenharmony_citest-ca-v1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 2048a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) is_ca=1 serial_hex=53a2b68e05400e555c9395e5 \ 2049a8e1175bSopenharmony_ci request_file=test-ca.req.sha256 \ 2050a8e1175bSopenharmony_ci selfsign=1 issuer_name="CN=PolarSSL Test CA v1,OU=testing,O=PolarSSL,C=NL" \ 2051a8e1175bSopenharmony_ci issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \ 2052a8e1175bSopenharmony_ci not_before=20190210144400 not_after=20290210144400 md=SHA256 version=1 \ 2053a8e1175bSopenharmony_ci output_file=$@ 2054a8e1175bSopenharmony_ciall_final += test-ca-v1.crt 2055a8e1175bSopenharmony_ci 2056a8e1175bSopenharmony_ciserver1-v1.crt: server1.key test-ca-v1.crt 2057a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) subject_key=$< serial_hex=53a2b6c704cd4d8ebc800bc1\ 2058a8e1175bSopenharmony_ci subject_name="CN=server1/int-ca-v1,OU=testing,O=PolarSSL,C=NL" \ 2059a8e1175bSopenharmony_ci issuer_crt=test-ca-v1.crt issuer_key=$(test_ca_key_file_rsa) \ 2060a8e1175bSopenharmony_ci issuer_pwd=$(test_ca_pwd_rsa) \ 2061a8e1175bSopenharmony_ci not_before=20190210144406 not_after=20290210144406 \ 2062a8e1175bSopenharmony_ci md=SHA256 version=1 \ 2063a8e1175bSopenharmony_ci output_file=$@ 2064a8e1175bSopenharmony_ciall_final += server1-v1.crt 2065a8e1175bSopenharmony_ci 2066a8e1175bSopenharmony_ciserver2-v1.crt: server2.key server1-v1.crt 2067a8e1175bSopenharmony_ci $(MBEDTLS_CERT_WRITE) subject_key=$< serial_hex=53a2b6d9235dbc4573f9b76c\ 2068a8e1175bSopenharmony_ci subject_name="CN=server2,OU=testing,O=PolarSSL,C=NL" \ 2069a8e1175bSopenharmony_ci issuer_crt=server1-v1.crt issuer_key=server1.key \ 2070a8e1175bSopenharmony_ci not_before=20190210144406 not_after=20290210144406 \ 2071a8e1175bSopenharmony_ci md=SHA256 version=1 \ 2072a8e1175bSopenharmony_ci output_file=$@ 2073a8e1175bSopenharmony_ciall_final += server2-v1.crt 2074a8e1175bSopenharmony_ci 2075a8e1175bSopenharmony_ciserver2-v1-chain.crt: server2-v1.crt server1-v1.crt 2076a8e1175bSopenharmony_ci cat $^ > $@ 2077a8e1175bSopenharmony_ci 2078a8e1175bSopenharmony_ci################################################################ 2079a8e1175bSopenharmony_ci#### Generate C format test certs header 2080a8e1175bSopenharmony_ci################################################################ 2081a8e1175bSopenharmony_ci 2082a8e1175bSopenharmony_ciTEST_CERTS_H_INPUT_FILES=test-ca2.crt \ 2083a8e1175bSopenharmony_ci test-ca2.crt.der \ 2084a8e1175bSopenharmony_ci test-ca2.key.enc \ 2085a8e1175bSopenharmony_ci test-ca2.key.der \ 2086a8e1175bSopenharmony_ci test-ca-sha256.crt \ 2087a8e1175bSopenharmony_ci test-ca-sha256.crt.der \ 2088a8e1175bSopenharmony_ci test-ca-sha1.crt \ 2089a8e1175bSopenharmony_ci test-ca-sha1.crt.der \ 2090a8e1175bSopenharmony_ci test-ca.key \ 2091a8e1175bSopenharmony_ci test-ca.key.der \ 2092a8e1175bSopenharmony_ci server5.crt \ 2093a8e1175bSopenharmony_ci server5.crt.der \ 2094a8e1175bSopenharmony_ci server5.key \ 2095a8e1175bSopenharmony_ci server5.key.der \ 2096a8e1175bSopenharmony_ci server2-sha256.crt \ 2097a8e1175bSopenharmony_ci server2-sha256.crt.der \ 2098a8e1175bSopenharmony_ci server2.crt \ 2099a8e1175bSopenharmony_ci server2.crt.der \ 2100a8e1175bSopenharmony_ci server2.key \ 2101a8e1175bSopenharmony_ci server2.key.der \ 2102a8e1175bSopenharmony_ci cli2.crt \ 2103a8e1175bSopenharmony_ci cli2.crt.der \ 2104a8e1175bSopenharmony_ci cli2.key \ 2105a8e1175bSopenharmony_ci cli2.key.der \ 2106a8e1175bSopenharmony_ci cli-rsa-sha256.crt \ 2107a8e1175bSopenharmony_ci cli-rsa-sha256.crt.der \ 2108a8e1175bSopenharmony_ci cli-rsa.key \ 2109a8e1175bSopenharmony_ci cli-rsa.key.der 2110a8e1175bSopenharmony_ci../src/test_certs.h: ../scripts/generate_test_cert_macros.py \ 2111a8e1175bSopenharmony_ci $(TEST_CERTS_H_INPUT_FILES) 2112a8e1175bSopenharmony_ci ../scripts/generate_test_cert_macros.py --output $@ \ 2113a8e1175bSopenharmony_ci --string TEST_CA_CRT_EC_PEM=test-ca2.crt \ 2114a8e1175bSopenharmony_ci --binary TEST_CA_CRT_EC_DER=test-ca2.crt.der \ 2115a8e1175bSopenharmony_ci --string TEST_CA_KEY_EC_PEM=test-ca2.key.enc \ 2116a8e1175bSopenharmony_ci --password TEST_CA_PWD_EC_PEM=PolarSSLTest \ 2117a8e1175bSopenharmony_ci --binary TEST_CA_KEY_EC_DER=test-ca2.key.der \ 2118a8e1175bSopenharmony_ci --string TEST_CA_CRT_RSA_SHA256_PEM=test-ca-sha256.crt \ 2119a8e1175bSopenharmony_ci --binary TEST_CA_CRT_RSA_SHA256_DER=test-ca-sha256.crt.der \ 2120a8e1175bSopenharmony_ci --string TEST_CA_CRT_RSA_SHA1_PEM=test-ca-sha1.crt \ 2121a8e1175bSopenharmony_ci --binary TEST_CA_CRT_RSA_SHA1_DER=test-ca-sha1.crt.der \ 2122a8e1175bSopenharmony_ci --string TEST_CA_KEY_RSA_PEM=test-ca.key \ 2123a8e1175bSopenharmony_ci --password TEST_CA_PWD_RSA_PEM=PolarSSLTest \ 2124a8e1175bSopenharmony_ci --binary TEST_CA_KEY_RSA_DER=test-ca.key.der \ 2125a8e1175bSopenharmony_ci --string TEST_SRV_CRT_EC_PEM=server5.crt \ 2126a8e1175bSopenharmony_ci --binary TEST_SRV_CRT_EC_DER=server5.crt.der \ 2127a8e1175bSopenharmony_ci --string TEST_SRV_KEY_EC_PEM=server5.key \ 2128a8e1175bSopenharmony_ci --binary TEST_SRV_KEY_EC_DER=server5.key.der \ 2129a8e1175bSopenharmony_ci --string TEST_SRV_CRT_RSA_SHA256_PEM=server2-sha256.crt \ 2130a8e1175bSopenharmony_ci --binary TEST_SRV_CRT_RSA_SHA256_DER=server2-sha256.crt.der \ 2131a8e1175bSopenharmony_ci --string TEST_SRV_CRT_RSA_SHA1_PEM=server2.crt \ 2132a8e1175bSopenharmony_ci --binary TEST_SRV_CRT_RSA_SHA1_DER=server2.crt.der \ 2133a8e1175bSopenharmony_ci --string TEST_SRV_KEY_RSA_PEM=server2.key \ 2134a8e1175bSopenharmony_ci --binary TEST_SRV_KEY_RSA_DER=server2.key.der \ 2135a8e1175bSopenharmony_ci --string TEST_CLI_CRT_EC_PEM=cli2.crt \ 2136a8e1175bSopenharmony_ci --binary TEST_CLI_CRT_EC_DER=cli2.crt.der \ 2137a8e1175bSopenharmony_ci --string TEST_CLI_KEY_EC_PEM=cli2.key \ 2138a8e1175bSopenharmony_ci --binary TEST_CLI_KEY_EC_DER=cli2.key.der \ 2139a8e1175bSopenharmony_ci --string TEST_CLI_CRT_RSA_PEM=cli-rsa-sha256.crt \ 2140a8e1175bSopenharmony_ci --binary TEST_CLI_CRT_RSA_DER=cli-rsa-sha256.crt.der \ 2141a8e1175bSopenharmony_ci --string TEST_CLI_KEY_RSA_PEM=cli-rsa.key \ 2142a8e1175bSopenharmony_ci --binary TEST_CLI_KEY_RSA_DER=cli-rsa.key.der 2143a8e1175bSopenharmony_ci 2144a8e1175bSopenharmony_ci################################################################ 2145a8e1175bSopenharmony_ci#### Diffie-Hellman parameters 2146a8e1175bSopenharmony_ci################################################################ 2147a8e1175bSopenharmony_ci 2148a8e1175bSopenharmony_cidh.998.pem: 2149a8e1175bSopenharmony_ci $(OPENSSL) dhparam -out $@ -text 998 2150a8e1175bSopenharmony_ci 2151a8e1175bSopenharmony_cidh.999.pem: 2152a8e1175bSopenharmony_ci $(OPENSSL) dhparam -out $@ -text 999 2153a8e1175bSopenharmony_ci 2154a8e1175bSopenharmony_ci 2155a8e1175bSopenharmony_ci################################################################ 2156a8e1175bSopenharmony_ci#### Meta targets 2157a8e1175bSopenharmony_ci################################################################ 2158a8e1175bSopenharmony_ci 2159a8e1175bSopenharmony_ciall_final: $(all_final) 2160a8e1175bSopenharmony_ciall: $(all_intermediate) $(all_final) 2161a8e1175bSopenharmony_ci 2162a8e1175bSopenharmony_ci.PHONY: default all_final all 2163a8e1175bSopenharmony_ci.PHONY: keys_rsa_all 2164a8e1175bSopenharmony_ci.PHONY: keys_rsa_unenc keys_rsa_enc_basic 2165a8e1175bSopenharmony_ci.PHONY: keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2 2166a8e1175bSopenharmony_ci.PHONY: keys_rsa_enc_basic_1024 keys_rsa_enc_basic_2048 keys_rsa_enc_basic_4096 2167a8e1175bSopenharmony_ci.PHONY: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v2_1024 2168a8e1175bSopenharmony_ci.PHONY: keys_rsa_enc_pkcs8_v1_2048 keys_rsa_enc_pkcs8_v2_2048 2169a8e1175bSopenharmony_ci.PHONY: keys_rsa_enc_pkcs8_v1_4096 keys_rsa_enc_pkcs8_v2_4096 2170a8e1175bSopenharmony_ci.PHONY: server1_all 2171a8e1175bSopenharmony_ci 2172a8e1175bSopenharmony_ci# These files should not be committed to the repository. 2173a8e1175bSopenharmony_cilist_intermediate: 2174a8e1175bSopenharmony_ci @printf '%s\n' $(all_intermediate) | sort 2175a8e1175bSopenharmony_ci# These files should be committed to the repository so that the test data is 2176a8e1175bSopenharmony_ci# available upon checkout without running a randomized process depending on 2177a8e1175bSopenharmony_ci# third-party tools. 2178a8e1175bSopenharmony_cilist_final: 2179a8e1175bSopenharmony_ci @printf '%s\n' $(all_final) | sort 2180a8e1175bSopenharmony_ci.PHONY: list_intermediate list_final 2181a8e1175bSopenharmony_ci 2182a8e1175bSopenharmony_ci## Remove intermediate files 2183a8e1175bSopenharmony_ciclean: 2184a8e1175bSopenharmony_ci rm -f $(all_intermediate) 2185a8e1175bSopenharmony_ci## Remove all build products, even the ones that are committed 2186a8e1175bSopenharmony_cineat: clean 2187a8e1175bSopenharmony_ci rm -f $(all_final) 2188a8e1175bSopenharmony_ci.PHONY: clean neat 2189a8e1175bSopenharmony_ci 2190a8e1175bSopenharmony_ci.SECONDARY: $(all_intermediate) 2191