Changeset 63468af in mod_gnutls for test/test_ca.mk


Ignore:
Timestamp:
Apr 16, 2016, 11:14:26 AM (4 years ago)
Author:
Daniel Kahn Gillmor <dkg@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, upstream
Children:
b586b27, ce12806
Parents:
02c8e54 (diff), c6cfe6e (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.
Message:

Imported Upstream version 0.7.4

File:
1 edited

Legend:

Unmodified
Added
Removed
  • test/test_ca.mk

    r02c8e54 r63468af  
    3535# conditions with parallel make. Locking avoids this problem.
    3636%/cert.pgp: %/minimal.pgp authority/gpg.conf
    37         GNUPGHOME=authority flock authority/lock gpg --import $<
    38         GNUPGHOME=authority flock authority/lock gpg --batch --sign-key --no-tty --yes "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)"
     37        GNUPGHOME=authority $(GPG_FLOCK) gpg --import $<
     38        GNUPGHOME=authority $(GPG_FLOCK) gpg --batch --sign-key --no-tty --yes "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)"
    3939        GNUPGHOME=authority gpg --armor --export "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
    4040
     
    4848        certtool --generate-request --load-privkey $(dir $@)secret.key --template $< > $@
    4949
     50# normal case: certificates signed by test CA
    5051%/x509.pem: %.template %/cert-request authority/secret.key authority/x509.pem
    5152        certtool --generate-certificate --load-ca-certificate authority/x509.pem --load-ca-privkey authority/secret.key --load-request $(dir $@)cert-request --template $< > $@
    5253
    53 %/softhsm.db: %/x509.pem %/secret.key
    54         SOFTHSM_CONF="$(srcdir)/$(*)-softhsm.conf" $(srcdir)/softhsm.bash init $(dir $@)secret.key $(dir $@)x509.pem
     54# error case: certificates signed by rogue CA
     55rogue%/x509.pem: rogue%.template rogue%/cert-request rogueca/x509.pem
     56        certtool --generate-certificate --load-ca-certificate rogueca/x509.pem --load-ca-privkey rogueca/secret.key --load-request $(dir $@)cert-request --template $< > $@
     57
     58%/softhsm.conf: %/secret.key
     59        echo "0:$(dir $@)softhsm.db" > $@
     60
     61%/softhsm.db: %/x509.pem %/secret.key %/softhsm.conf
     62        SOFTHSM="$(SOFTHSM)" \
     63        SOFTHSM_CONF="$(dir $@)softhsm.conf" \
     64        $(srcdir)/softhsm.bash init $(dir $@)secret.key $(dir $@)x509.pem
     65
     66%/softhsm2.conf: %/secret.key
     67        echo "objectstore.backend = file" > $@
     68        echo "directories.tokendir = $(dir $@)softhsm2.db" >> $@
     69
     70%/softhsm2.db: %/x509.pem %/secret.key %/softhsm2.conf
     71        mkdir -p $@
     72        SOFTHSM="$(SOFTHSM)" \
     73        SOFTHSM2_CONF="$(dir $@)softhsm2.conf" \
     74        $(srcdir)/softhsm.bash init $(dir $@)secret.key $(dir $@)x509.pem
    5575
    5676# Generate CRL revoking a certain certificate. Currently used to
Note: See TracChangeset for help on using the changeset viewer.