tests/certs: added make target to rebuild certificates

The certificate generation scripts were also updated to better match the format of the certificates currently checked in.
2015-03-21 14:23:00 +01:00 · 2015-03-21 14:23:00 +01:00 · 38c304a58f
parent 9cd4d6518f
commit 38c304a58f
3 changed files with 34 additions and 13 deletions
--- a/tests/certs/Makefile.am
+++ b/tests/certs/Makefile.am
@ -23,14 +23,19 @@ AUTOMAKE_OPTIONS = foreign

 SUBDIRS = scripts

-CERTFILES = \
-  EdelCurlRoot-ca.cacert \
+CERTCONFIGS = \
+  EdelCurlRoot-ca.prm \
  EdelCurlRoot-ca.cnf \
+  Server-localhost-sv.prm \
+  Server-localhost.nn-sv.prm \
+  Server-localhost0h-sv.prm
+
+GENERATEDCERTS = \
+  EdelCurlRoot-ca.cacert \
  EdelCurlRoot-ca.crt \
  EdelCurlRoot-ca.csr \
  EdelCurlRoot-ca.der \
  EdelCurlRoot-ca.key \
-  EdelCurlRoot-ca.prm \
  Server-localhost-sv.crl \
  Server-localhost-sv.crt \
  Server-localhost-sv.csr \
@ -39,7 +44,6 @@ CERTFILES = \
  Server-localhost-sv.key \
  Server-localhost-sv.p12 \
  Server-localhost-sv.pem \
-  Server-localhost-sv.prm \
  Server-localhost-sv.pub.der \
  Server-localhost-sv.pub.pem \
  Server-localhost.nn-sv.crl \
@ -49,7 +53,6 @@ CERTFILES = \
  Server-localhost.nn-sv.dhp \
  Server-localhost.nn-sv.key \
  Server-localhost.nn-sv.pem \
-  Server-localhost.nn-sv.prm \
  Server-localhost.nn-sv.pub.der \
  Server-localhost.nn-sv.pub.pem \
  Server-localhost0h-sv.crl \
@ -60,7 +63,6 @@ CERTFILES = \
  Server-localhost0h-sv.key \
  Server-localhost0h-sv.p12 \
  Server-localhost0h-sv.pem \
-  Server-localhost0h-sv.prm \
  Server-localhost0h-sv.pub.der \
  Server-localhost0h-sv.pub.pem

@ -68,5 +70,24 @@ SRPFILES = \
  srp-verifier-conf \
  srp-verifier-db

-EXTRA_DIST = $(CERTFILES) $(SRPFILES)
+EXTRA_DIST = $(CERTCONFIGS) $(GENERATEDCERTS) $(SRPFILES)

+# Rebuild the certificates
+
+clean-certs:
+	cd $(srcdir); rm -f $(GENERATEDCERTS)
+
+build-certs: $(srcdir)/EdelCurlRoot-ca.cacert $(srcdir)/Server-localhost-sv.pem \
+	$(srcdir)/Server-localhost.nn-sv.pem $(srcdir)/Server-localhost0h-sv.pem
+
+$(srcdir)/EdelCurlRoot-ca.cacert:
+	cd $(srcdir); scripts/genroot.sh EdelCurlRoot
+
+$(srcdir)/Server-localhost-sv.pem: $(srcdir)/EdelCurlRoot-ca.cacert
+	cd $(srcdir); scripts/genserv.sh Server-localhost EdelCurlRoot
+
+$(srcdir)/Server-localhost.nn-sv.pem: $(srcdir)/EdelCurlRoot-ca.cacert
+	cd $(srcdir); scripts/genserv.sh Server-localhost.nn EdelCurlRoot
+
+$(srcdir)/Server-localhost0h-sv.pem: $(srcdir)/EdelCurlRoot-ca.cacert
+	cd $(srcdir); scripts/genserv.sh Server-localhost0h EdelCurlRoot
--- a/tests/certs/scripts/genroot.sh
+++ b/tests/certs/scripts/genroot.sh
@ -50,15 +50,15 @@ echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-ca.prm -days $DURATION -

 $OPENSSL x509  -set_serial $SERIAL -extfile $PREFIX-ca.prm -days $DURATION -req -signkey $PREFIX-ca.key -in $PREFIX-ca.csr -out $PREFIX-$SERIAL-ca.cacert -sha1

-echo "openssl x509 -text -hash -out $PREFIX-ca.cacert -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline"
-$OPENSSL x509 -text -hash -out $PREFIX-ca.cacert -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline
+echo "openssl x509 -text -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline > $PREFIX-ca.cacert "
+$OPENSSL x509 -text -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline > $PREFIX-ca.cacert

 echo "openssl x509 -in $PREFIX-ca.cacert -outform der -out $PREFIX-ca.der "
 $OPENSSL x509 -in $PREFIX-ca.cacert -outform der -out $PREFIX-ca.der

-echo "openssl x509 -in $PREFIX-ca.cacert -text -out $PREFIX-ca.crt -nameopt multiline"
+echo "openssl x509 -in $PREFIX-ca.cacert -text -nameopt multiline > $PREFIX-ca.crt "

-$OPENSSL x509 -in $PREFIX-ca.cacert -text -out $PREFIX-ca.crt -nameopt multiline
+$OPENSSL x509 -in $PREFIX-ca.cacert -text -nameopt multiline > $PREFIX-ca.crt

 echo "openssl x509 -noout -text -in $PREFIX-ca.cacert -nameopt multiline"
 $OPENSSL x509 -noout -text -in $PREFIX-ca.cacert -nameopt multiline
--- a/tests/certs/scripts/genserv.sh
+++ b/tests/certs/scripts/genserv.sh
@ -81,9 +81,9 @@ $OPENSSL rsa -in $PREFIX-sv.key -pubout -outform DER -out $PREFIX-sv.pub.der
 echo "openssl rsa -in $PREFIX-sv.key -pubout -outform PEM -out $PREFIX-sv.pub.pem"
 $OPENSSL rsa -in $PREFIX-sv.key -pubout -outform PEM -out $PREFIX-sv.pub.pem

-echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1"
+echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -text -nameopt multiline -sha1 > $PREFIX-sv.crt "

-$OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1
+$OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -text -nameopt multiline -sha1 > $PREFIX-sv.crt

 if [ "$P12." = YES. ] ; then