Changeset b674e95 in mod_gnutls for test/test_ca.mk


Ignore:
Timestamp:
May 29, 2016, 3:38:07 PM (3 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, master, upstream
Children:
94cb972
Parents:
efe884e (diff), 086cea9 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.
git-author:
Thomas Klute <thomas2.klute@…> (05/29/16 15:28:14)
git-committer:
Thomas Klute <thomas2.klute@…> (05/29/16 15:38:07)
Message:

Merge version 0.7.5 into ocsp branch

File:
1 edited

Legend:

Unmodified
Added
Removed
  • test/test_ca.mk

    refe884e rb674e95  
    2020        mkdir -p $(dir $@)
    2121        chmod 0700 $(dir $@)
    22         certtool --generate-privkey > $@
     22        certtool --outfile $@ --generate-privkey
    2323
    24 %/secring.gpg: %.uid %/secret.key
    25         rm -f $(dir $@)pubring.gpg $(dir $@)secring.gpg $(dir $@)trustdb.gpg
    26         PEM2OPENPGP_EXPIRATION=86400 PEM2OPENPGP_USAGE_FLAGS=authenticate,certify,sign pem2openpgp "$$(cat $<)" < $(dir $@)secret.key | GNUPGHOME=$(dir $@) gpg --import
     24%/secret.pgp.raw: %.uid %/secret.key
     25        PEM2OPENPGP_EXPIRATION=86400 PEM2OPENPGP_USAGE_FLAGS=authenticate,certify,sign pem2openpgp "$$(cat $<)" < $(dir $@)secret.key > $@
     26
     27%/secret.pgp: %/secret.pgp.raw pgpcrc
     28        (printf -- '-----BEGIN PGP PRIVATE KEY BLOCK-----\nVersion: test\n\n' && \
     29        base64 < $< && \
     30        printf -- '=' && \
     31        ./pgpcrc < $< | base64 && \
     32        printf -- '-----END PGP PRIVATE KEY BLOCK-----\n' ) > $@
     33
     34%/gpg.conf: %/secret.pgp
     35        rm -f $(dir $@)pubring.gpg $(dir $@)secring.gpg $(dir $@)trustdb.gpg $(dir $@)pubring.kbx $(dir $@)private-keys-v1.d/*.key
     36        GNUPGHOME=$(dir $@) gpg --import $<
    2737        printf "%s:6:\n" "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" | GNUPGHOME=$(dir $@) gpg --import-ownertrust
    28 
    29 %/gpg.conf: %/secring.gpg
    3038        printf "default-key %s\n" "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
    3139
    32 %/secret.pgp: %/secring.gpg
    33         GNUPGHOME=$(dir $@) gpg --armor --batch --no-tty --yes --export-secret-key "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
    34 
    35 %/minimal.pgp: %/secring.gpg
    36         GNUPGHOME=$(dir $@) gpg --armor --export "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
     40%/minimal.pgp: %/gpg.conf
     41        if test -r $@; then rm $@; fi
     42        GNUPGHOME=$(dir $@) gpg --output $@ --armor --export "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)"
    3743
    3844# Import and signing modify the shared keyring, which leads to race
    3945# conditions with parallel make. Locking avoids this problem.
    4046%/cert.pgp: %/minimal.pgp authority/gpg.conf
     47        if test -r $@; then rm $@; fi
    4148        GNUPGHOME=authority $(GPG_FLOCK) gpg --import $<
    4249        GNUPGHOME=authority $(GPG_FLOCK) gpg --batch --sign-key --no-tty --yes "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)"
    43         GNUPGHOME=authority gpg --armor --export "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
     50        GNUPGHOME=authority gpg --output $@ --armor --export "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)"
    4451
    4552# special cases for the authorities' root certs:
    4653authority/x509.pem: authority.template authority/secret.key
    47         certtool --generate-self-signed --load-privkey authority/secret.key --template authority.template > $@
     54        certtool --outfile $@ --generate-self-signed --load-privkey authority/secret.key --template authority.template
    4855rogueca/x509.pem: $(srcdir)/rogueca.template rogueca/secret.key
    49         certtool --generate-self-signed --load-privkey rogueca/secret.key --template $(srcdir)/rogueca.template > $@
     56        certtool --outfile $@ --generate-self-signed --load-privkey rogueca/secret.key --template $(srcdir)/rogueca.template
    5057
    5158%/cert-request: %.template %/secret.key
    52         certtool --generate-request --load-privkey $(dir $@)secret.key --template $< > $@
     59        certtool --outfile $@ --generate-request --load-privkey $(dir $@)secret.key --template $<
    5360
    5461# normal case: certificates signed by test CA
    5562%/x509.pem: %.template %/cert-request authority/secret.key authority/x509.pem
    56         certtool --generate-certificate --load-ca-certificate authority/x509.pem --load-ca-privkey authority/secret.key --load-request $(dir $@)cert-request --template $< > $@
     63        certtool --outfile $@ --generate-certificate --load-ca-certificate authority/x509.pem --load-ca-privkey authority/secret.key --load-request $(dir $@)cert-request --template $<
    5764
    5865# error case: certificates signed by rogue CA
    5966rogue%/x509.pem: rogue%.template rogue%/cert-request rogueca/x509.pem
    60         certtool --generate-certificate --load-ca-certificate rogueca/x509.pem --load-ca-privkey rogueca/secret.key --load-request $(dir $@)cert-request --template $< > $@
     67        certtool --outfile $@ --generate-certificate --load-ca-certificate rogueca/x509.pem --load-ca-privkey rogueca/secret.key --load-request $(dir $@)cert-request --template $<
    6168
    6269%/softhsm.conf: %/secret.key
     
    8491%/crl.pem: %/x509.pem ${srcdir}/%-crl.template
    8592        certtool --generate-crl \
     93                --outfile $@ \
    8694                --load-ca-privkey authority/secret.key \
    8795                --load-ca-certificate authority/x509.pem \
    8896                --load-certificate $< \
    89                 --template "${srcdir}/$(*)-crl.template" \
    90                 > $@
     97                --template "${srcdir}/$(*)-crl.template"
Note: See TracChangeset for help on using the changeset viewer.