source: mod_gnutls/t/Makefile @ 834d926

debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
Last change on this file since 834d926 was 3e800f9, checked in by Daniel Kahn Gillmor <dkg@…>, 7 years ago

test suite: OpenPGP certificates and secrets

Make ASCII-armored OpenPGP certificates and secret keys for everyone
signed by the "Testing Authority".

  • Property mode set to 100644
File size: 3.1 KB
Line 
1#!/usr/bin/make -f
2
3# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
4
5# run these tests to ensure that mod_gnutls can handle a range of
6# simple configuration choices.
7
8export TEST_HOST ?= localhost
9export TEST_IP ?= ::1
10# chosen at random:
11export TEST_PORT ?= 9932
12
13export TEST_GAP ?= 1.5
14export TEST_QUERY_DELAY ?= 2
15
16all: setup.done
17        ./runtests
18
19t-%: setup.done
20        ./runtests $@
21
22
23
24
25
26### for setting up a little miniature CA + server + client environment:
27identities := server authority client imposter rogueca
28tokens := x509.pem secring.gpg secret.key cert.pgp secret.pgp
29all_tokens := $(foreach id,$(identities),$(foreach token,$(tokens),$(id)/$(token)))
30
31%.template: %.template.in
32        sed s/__HOSTNAME__/$(TEST_HOST)/ < $< > $@
33
34server.uid: server.uid.in
35        sed s/__HOSTNAME__/$(TEST_HOST)/ < $< > $@
36
37%/secret.key:
38        mkdir -p $(dir $@)
39        chmod 0700 $(dir $@)
40        certtool --generate-privkey > $@
41
42%/secring.gpg: %.uid %/secret.key
43        rm -f $(dir $@)pubring.gpg $(dir $@)secring.gpg $(dir $@)trustdb.gpg
44        PEM2OPENPGP_EXPIRATION=86400 PEM2OPENPGP_USAGE_FLAGS=authenticate,certify pem2openpgp "$$(cat $<)" < $(dir $@)secret.key | GNUPGHOME=$(dir $@) gpg --import
45        printf "%s:6:\n" "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" | GNUPGHOME=$(dir $@) gpg --import-ownertrust
46
47%/gpg.conf: %/secring.gpg
48        printf "default-key %s\n" "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
49
50%/secret.pgp: %/secring.gpg
51        GNUPGHOME=$(dir $@) gpg --armor --batch --no-tty --yes --export-secret-key "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
52
53%/minimal.pgp: %/secring.gpg
54        GNUPGHOME=$(dir $@) gpg --armor --export "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
55
56%/cert.pgp: %/minimal.pgp authority/gpg.conf
57        GNUPGHOME=authority gpg --import $<
58        GNUPGHOME=authority gpg --batch --sign-key --no-tty --yes "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)"
59        GNUPGHOME=authority gpg --armor --export "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
60
61# special cases for the authorities' root certs:
62authority/x509.pem: authority.template authority/secret.key
63        certtool --generate-self-signed --load-privkey=authority/secret.key --template=authority.template > $@
64rogueca/x509.pem: rogueca.template rogueca/secret.key
65        certtool --generate-self-signed --load-privkey=rogueca/secret.key --template=rogueca.template > $@
66
67%/cert-request: %.template %/secret.key
68        certtool --generate-request --load-privkey=$(dir $@)secret.key --template=$< > $@
69
70%/x509.pem: %.template %/cert-request authority/secret.key authority/x509.pem
71        certtool --generate-certificate --load-ca-certificate=authority/x509.pem --load-ca-privkey=authority/secret.key --load-request=$(dir $@)cert-request --template=$< > $@
72
73setup.done: $(all_tokens)
74        mkdir -p logs cache outputs
75        touch setup.done
76
77
78clean:
79        rm -rf server client authority logs cache outputs setup.done server.template
80
81.PHONY: all clean
Note: See TracBrowser for help on using the repository browser.