projects / platform / upstream / nodejs.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge branch 'v1.x'
[platform/upstream/nodejs.git] / test / fixtures / keys / Makefile
1 all: agent1-cert.pem agent2-cert.pem agent3-cert.pem agent4-cert.pem agent5-cert.pem ca2-crl.pem ec-cert.pem dh512.pem dh1024.pem dh2048.pem rsa_private_1024.pem rsa_private_2048.pem rsa_private_4096.pem rsa_public_1024.pem rsa_public_2048.pem rsa_public_4096.pem
2
3
4 #
5 # Create Certificate Authority: ca1
6 # ('password' is used for the CA password.)
7 #
8 ca1-cert.pem: ca1.cnf
9         openssl req -new -x509 -days 9999 -config ca1.cnf -keyout ca1-key.pem -out ca1-cert.pem
10
11 #
12 # Create Certificate Authority: ca2
13 # ('password' is used for the CA password.)
14 #
15 ca2-cert.pem: ca2.cnf
16         openssl req -new -x509 -days 9999 -config ca2.cnf -keyout ca2-key.pem -out ca2-cert.pem
17         echo '01' > ca2-serial
18         touch ca2-database.txt
19
20 #
21 # Create Subordinate Certificate Authority: ca3
22 # ('password' is used for the CA password.)
23 #
24 ca3-key.pem:
25         openssl genrsa -out ca3-key.pem 1024
26
27 ca3-csr.pem: ca3.cnf ca3-key.pem
28         openssl req -new \
29                 -extensions v3_ca -config ca3.cnf -key ca3-key.pem -out ca3-csr.pem
30
31 ca3-cert.pem: ca3-csr.pem ca3-key.pem ca3.cnf ca1-cert.pem ca1-key.pem
32         openssl x509 -req \
33                 -extfile ca3.cnf \
34                 -extensions v3_ca \
35                 -days 9999 \
36                 -passin "pass:password" \
37                 -in ca3-csr.pem \
38                 -CA ca1-cert.pem \
39                 -CAkey ca1-key.pem \
40                 -CAcreateserial \
41                 -out ca3-cert.pem
42
43 #
44 # agent1 is signed by ca1.
45 #
46
47 agent1-key.pem:
48         openssl genrsa -out agent1-key.pem 1024
49
50 agent1-csr.pem: agent1.cnf agent1-key.pem
51         openssl req -new -config agent1.cnf -key agent1-key.pem -out agent1-csr.pem
52
53 agent1-cert.pem: agent1-csr.pem ca1-cert.pem ca1-key.pem
54         openssl x509 -req \
55                 -extfile agent1.cnf \
56                 -extensions v3_ca \
57                 -days 9999 \
58                 -passin "pass:password" \
59                 -in agent1-csr.pem \
60                 -CA ca1-cert.pem \
61                 -CAkey ca1-key.pem \
62                 -CAcreateserial \
63                 -out agent1-cert.pem
64
65 agent1-verify: agent1-cert.pem ca1-cert.pem
66         openssl verify -CAfile ca1-cert.pem agent1-cert.pem
67
68
69 #
70 # agent2 has a self signed cert
71 #
72 # Generate new private key
73 agent2-key.pem:
74         openssl genrsa -out agent2-key.pem 1024
75
76 # Create a Certificate Signing Request for the key
77 agent2-csr.pem: agent2-key.pem agent2.cnf
78         openssl req -new -config agent2.cnf -key agent2-key.pem -out agent2-csr.pem
79
80 # Create a Certificate for the agent.
81 agent2-cert.pem: agent2-csr.pem agent2-key.pem
82         openssl x509 -req \
83                 -days 9999 \
84                 -in agent2-csr.pem \
85                 -signkey agent2-key.pem \
86                 -out agent2-cert.pem
87
88 agent2-verify: agent2-cert.pem
89         openssl verify -CAfile agent2-cert.pem agent2-cert.pem
90
91 #
92 # agent3 is signed by ca2.
93 #
94
95 agent3-key.pem:
96         openssl genrsa -out agent3-key.pem 1024
97
98 agent3-csr.pem: agent3.cnf agent3-key.pem
99         openssl req -new -config agent3.cnf -key agent3-key.pem -out agent3-csr.pem
100
101 agent3-cert.pem: agent3-csr.pem ca2-cert.pem ca2-key.pem
102         openssl x509 -req \
103                 -days 9999 \
104                 -passin "pass:password" \
105                 -in agent3-csr.pem \
106                 -CA ca2-cert.pem \
107                 -CAkey ca2-key.pem \
108                 -CAcreateserial \
109                 -out agent3-cert.pem
110
111 agent3-verify: agent3-cert.pem ca2-cert.pem
112         openssl verify -CAfile ca2-cert.pem agent3-cert.pem
113
114
115 #
116 # agent4 is signed by ca2 (client cert)
117 #
118
119 agent4-key.pem:
120         openssl genrsa -out agent4-key.pem 1024
121
122 agent4-csr.pem: agent4.cnf agent4-key.pem
123         openssl req -new -config agent4.cnf -key agent4-key.pem -out agent4-csr.pem
124
125 agent4-cert.pem: agent4-csr.pem ca2-cert.pem ca2-key.pem
126         openssl x509 -req \
127                 -days 9999 \
128                 -passin "pass:password" \
129                 -in agent4-csr.pem \
130                 -CA ca2-cert.pem \
131                 -CAkey ca2-key.pem \
132                 -CAcreateserial \
133                 -extfile agent4.cnf \
134                 -extensions ext_key_usage \
135                 -out agent4-cert.pem
136
137 agent4-verify: agent4-cert.pem ca2-cert.pem
138         openssl verify -CAfile ca2-cert.pem agent4-cert.pem
139
140 #
141 # Make CRL with agent4 being rejected
142 #
143 ca2-crl.pem: ca2-key.pem ca2-cert.pem ca2.cnf
144         openssl ca -revoke agent4-cert.pem \
145                 -keyfile ca2-key.pem \
146                 -cert ca2-cert.pem \
147                 -config ca2.cnf \
148                 -passin 'pass:password'
149         openssl ca \
150                 -keyfile ca2-key.pem \
151                 -cert ca2-cert.pem \
152                 -config ca2.cnf \
153                 -gencrl \
154                 -out ca2-crl.pem \
155                 -passin 'pass:password'
156
157 #
158 # agent5 is signed by ca2 (client cert)
159 #
160
161 agent5-key.pem:
162         openssl genrsa -out agent5-key.pem 1024
163
164 agent5-csr.pem: agent5.cnf agent5-key.pem
165         openssl req -new -config agent5.cnf -key agent5-key.pem -out agent5-csr.pem
166
167 agent5-cert.pem: agent5-csr.pem ca2-cert.pem ca2-key.pem
168         openssl x509 -req \
169                 -days 9999 \
170                 -passin "pass:password" \
171                 -in agent5-csr.pem \
172                 -CA ca2-cert.pem \
173                 -CAkey ca2-key.pem \
174                 -CAcreateserial \
175                 -extfile agent5.cnf \
176                 -extensions ext_key_usage \
177                 -out agent5-cert.pem
178
179 agent5-verify: agent5-cert.pem ca2-cert.pem
180         openssl verify -CAfile ca2-cert.pem agent5-cert.pem
181
182 #
183 # agent6 is signed by ca3
184 #
185
186 agent6-key.pem:
187         openssl genrsa -out agent6-key.pem 1024
188
189 agent6-csr.pem: agent6.cnf agent6-key.pem
190         openssl req -new -config agent6.cnf -key agent6-key.pem -out agent6-csr.pem
191
192 agent6-cert.pem: agent6-csr.pem ca3-cert.pem ca3-key.pem
193         openssl x509 -req \
194                 -days 9999 \
195                 -passin "pass:password" \
196                 -in agent6-csr.pem \
197                 -CA ca3-cert.pem \
198                 -CAkey ca3-key.pem \
199                 -CAcreateserial \
200                 -extfile agent6.cnf \
201                 -out agent6-cert.pem
202         cat ca3-cert.pem >> agent6-cert.pem
203
204 agent6-verify: agent6-cert.pem ca3-cert.pem
205         openssl verify -CAfile ca3-cert.pem agent6-cert.pem
206
207 ec-key.pem:
208         openssl ecparam -genkey -out ec-key.pem -name prime256v1
209
210 ec-csr.pem: ec-key.pem
211         openssl req -new -config ec.cnf -key ec-key.pem -out ec-csr.pem
212
213 ec-cert.pem: ec-csr.pem ec-key.pem
214         openssl x509 -req \
215                 -days 9999 \
216                 -in ec-csr.pem \
217                 -signkey ec-key.pem \
218                 -out ec-cert.pem
219
220 dh512.pem:
221         openssl dhparam -out dh512.pem 512
222
223 dh1024.pem:
224         openssl dhparam -out dh1024.pem 1024
225
226 dh2048.pem:
227         openssl dhparam -out dh2048.pem 2048
228
229 rsa_private_1024.pem:
230         openssl genrsa -out rsa_private_1024.pem 1024
231
232 rsa_private_2048.pem:
233         openssl genrsa -out rsa_private_2048.pem 2048
234
235 rsa_private_4096.pem:
236         openssl genrsa -out rsa_private_4096.pem 4096
237
238 rsa_public_1024.pem: rsa_private_1024.pem
239         openssl rsa -in rsa_private_1024.pem -out rsa_public_1024.pem
240
241 rsa_public_2048.pem: rsa_private_2048.pem
242         openssl rsa -in rsa_private_2048.pem -out rsa_public_2048.pem
243
244 rsa_public_4096.pem: rsa_private_4096.pem
245         openssl rsa -in rsa_private_4096.pem -out rsa_public_4096.pem
246
247 clean:
248         rm -f *.pem *.srl ca2-database.txt ca2-serial
249
250 test: agent1-verify agent2-verify agent3-verify agent4-verify agent5-verify
251
252
253 .PHONY: all clean test agent1-verify agent2-verify agent3-verify agent4-verify agent5-verify
Domain: Web Framework / Common;