19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bosedist_noinst_DATA = \
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Boseopenssl_ca_config = $(srcdir)/SSSD_test_CA.config
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Boseopenssl_ca_key = $(srcdir)/SSSD_test_CA_key.pem
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bosepwdfile = pwdfile
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Boseconfigs := $(notdir $(wildcard $(srcdir)/SSSD_test_cert_*.config))
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Boseids := $(subst SSSD_test_cert_,,$(basename $(configs)))
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bosecerts = $(addprefix SSSD_test_cert_x509_,$(addsuffix .pem,$(ids)))
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bosecerts_h = $(addprefix SSSD_test_cert_x509_,$(addsuffix .h,$(ids)))
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bosepubkeys = $(addprefix SSSD_test_cert_pubsshkey_,$(addsuffix .pub,$(ids)))
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bosepubkeys_h = $(addprefix SSSD_test_cert_pubsshkey_,$(addsuffix .h,$(ids)))
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bosepkcs12 = $(addprefix SSSD_test_cert_pkcs12_,$(addsuffix .pem,$(ids)))
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bosenssdb = p11_nssdb p11_nssdb_2certs
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose# If openssl is run in parallel there might be conflicts with the serial
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose.NOTPARALLEL:
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Boseca_all: clean serial SSSD_test_CA.pem $(certs) $(certs_h) $(pubkeys) $(pubkeys_h) $(pkcs12) $(nssdb)
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose @echo "12345678" > $@
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit BoseSSSD_test_CA.pem: $(openssl_ca_key) $(openssl_ca_config) serial
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose $(OPENSSL) req -batch -config ${openssl_ca_config} -x509 -new -nodes -key $< -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out $@
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit BoseSSSD_test_cert_req_%.pem: $(srcdir)/SSSD_test_cert_key_%.pem $(srcdir)/SSSD_test_cert_%.config
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose $(OPENSSL) req -new -nodes -key $< -reqexts req_exts -config $(srcdir)/SSSD_test_cert_$*.config -out $@
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit BoseSSSD_test_cert_x509_%.pem: SSSD_test_cert_req_%.pem $(openssl_ca_config) SSSD_test_CA.pem
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose $(OPENSSL) ca -config ${openssl_ca_config} -batch -notext -keyfile $(openssl_ca_key) -in $< -days 200 -extensions usr_cert -out $@
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit BoseSSSD_test_cert_pkcs12_%.pem: SSSD_test_cert_x509_%.pem $(srcdir)/SSSD_test_cert_key_%.pem $(pwdfile)
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose $(OPENSSL) pkcs12 -export -in SSSD_test_cert_x509_$*.pem -inkey $(srcdir)/SSSD_test_cert_key_$*.pem -nodes -passout file:$(pwdfile) -out $@
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit BoseSSSD_test_cert_pubkey_%.pem: SSSD_test_cert_x509_%.pem
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose $(OPENSSL) x509 -in $< -pubkey -noout > $@
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit BoseSSSD_test_cert_pubsshkey_%.pub: SSSD_test_cert_pubkey_%.pem
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose $(SSH_KEYGEN) -i -m PKCS8 -f $< > $@
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit BoseSSSD_test_cert_x509_%.h: SSSD_test_cert_x509_%.pem
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose @echo "#define SSSD_TEST_CERT_$* \""$(shell cat $< |openssl x509 -outform der | base64 -w 0)"\"" > $@
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit BoseSSSD_test_cert_pubsshkey_%.h: SSSD_test_cert_pubsshkey_%.pub
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose @echo "#define SSSD_TEST_CERT_SSH_KEY_$* \""$(shell cut -d' ' -f2 $<)"\"" > $@
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose# This nss db is used in
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose# - src/tests/cmocka/test_cert_utils.c (validation only)
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bosep11_nssdb: SSSD_test_cert_pkcs12_0001.pem SSSD_test_CA.pem $(pwdfile)
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose $(CERTUTIL) -d sql:./$@ -N --empty-password
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose $(CERTUTIL) -d sql:./$@ -A -n 'SSSD test CA' -t CT,CT,CT -a -i SSSD_test_CA.pem
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose $(PK12UTIL) -d sql:./$@ -i SSSD_test_cert_pkcs12_0001.pem -w $(pwdfile)
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose# This nss db is used in
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bosep11_nssdb_2certs: SSSD_test_cert_pkcs12_0001.pem SSSD_test_cert_pkcs12_0002.pem SSSD_test_CA.pem $(pwdfile)
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose $(CERTUTIL) -d sql:./$@ -N --empty-password
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose $(CERTUTIL) -d sql:./$@ -A -n 'SSSD test CA' -t CT,CT,CT -a -i SSSD_test_CA.pem
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose $(PK12UTIL) -d sql:./$@ p11_nssdb -i SSSD_test_cert_pkcs12_0001.pem -w $(pwdfile)
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose $(PK12UTIL) -d sql:./$@ p11_nssdb -i SSSD_test_cert_pkcs12_0002.pem -w $(pwdfile)
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit BoseCLEANFILES = \
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose $(certs) $(certs_h) $(pubkeys) $(pubkeys_h) $(pkcs12) \
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose rm -rf newcerts
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose rm -rf p11_nssdb
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose rm -rf p11_nssdb_2certs
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Boseserial: clean
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose mkdir newcerts
19f5dd0b8dc4eff3373a0ac9ea17c2440628fd4cSumit Bose echo -n 01 > serial