tests/certs: added make target to rebuild certificates

The certificate generation scripts were also updated to better match the format of the certificates currently checked in.
dongc · Mar 21, 2015 · 38c304a · 38c304a
1 parent 9cd4d65
commit 38c304a
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 13 deletions.
diff --git a/tests/certs/Makefile.am b/tests/certs/Makefile.am
@@ -23,14 +23,19 @@ AUTOMAKE_OPTIONS = foreign
 
 SUBDIRS = scripts
 
-CERTFILES = \
-  EdelCurlRoot-ca.cacert \
+CERTCONFIGS = \
+  EdelCurlRoot-ca.prm \
   EdelCurlRoot-ca.cnf \
+  Server-localhost-sv.prm \
+  Server-localhost.nn-sv.prm \
+  Server-localhost0h-sv.prm
+
+GENERATEDCERTS = \
+  EdelCurlRoot-ca.cacert \
   EdelCurlRoot-ca.crt \
   EdelCurlRoot-ca.csr \
   EdelCurlRoot-ca.der \
   EdelCurlRoot-ca.key \
-  EdelCurlRoot-ca.prm \
   Server-localhost-sv.crl \
   Server-localhost-sv.crt \
   Server-localhost-sv.csr \
@@ -39,7 +44,6 @@ CERTFILES = \
   Server-localhost-sv.key \
   Server-localhost-sv.p12 \
   Server-localhost-sv.pem \
-  Server-localhost-sv.prm \
   Server-localhost-sv.pub.der \
   Server-localhost-sv.pub.pem \
   Server-localhost.nn-sv.crl \
@@ -49,7 +53,6 @@ CERTFILES = \
   Server-localhost.nn-sv.dhp \
   Server-localhost.nn-sv.key \
   Server-localhost.nn-sv.pem \
-  Server-localhost.nn-sv.prm \
   Server-localhost.nn-sv.pub.der \
   Server-localhost.nn-sv.pub.pem \
   Server-localhost0h-sv.crl \
@@ -60,13 +63,31 @@ CERTFILES = \
   Server-localhost0h-sv.key \
   Server-localhost0h-sv.p12 \
   Server-localhost0h-sv.pem \
-  Server-localhost0h-sv.prm \
   Server-localhost0h-sv.pub.der \
   Server-localhost0h-sv.pub.pem
 
 SRPFILES = \
   srp-verifier-conf \
   srp-verifier-db
 
-EXTRA_DIST = $(CERTFILES) $(SRPFILES)
+EXTRA_DIST = $(CERTCONFIGS) $(GENERATEDCERTS) $(SRPFILES)
+
+# Rebuild the certificates
+
+clean-certs:
+	cd $(srcdir); rm -f $(GENERATEDCERTS)
+
+build-certs: $(srcdir)/EdelCurlRoot-ca.cacert $(srcdir)/Server-localhost-sv.pem \
+	$(srcdir)/Server-localhost.nn-sv.pem $(srcdir)/Server-localhost0h-sv.pem
+
+$(srcdir)/EdelCurlRoot-ca.cacert:
+	cd $(srcdir); scripts/genroot.sh EdelCurlRoot
+
+$(srcdir)/Server-localhost-sv.pem: $(srcdir)/EdelCurlRoot-ca.cacert
+	cd $(srcdir); scripts/genserv.sh Server-localhost EdelCurlRoot
+
+$(srcdir)/Server-localhost.nn-sv.pem: $(srcdir)/EdelCurlRoot-ca.cacert
+	cd $(srcdir); scripts/genserv.sh Server-localhost.nn EdelCurlRoot
 
+$(srcdir)/Server-localhost0h-sv.pem: $(srcdir)/EdelCurlRoot-ca.cacert
+	cd $(srcdir); scripts/genserv.sh Server-localhost0h EdelCurlRoot
diff --git a/tests/certs/scripts/genroot.sh b/tests/certs/scripts/genroot.sh
@@ -50,15 +50,15 @@ echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-ca.prm -days $DURATION -
 
 $OPENSSL x509  -set_serial $SERIAL -extfile $PREFIX-ca.prm -days $DURATION -req -signkey $PREFIX-ca.key -in $PREFIX-ca.csr -out $PREFIX-$SERIAL-ca.cacert -sha1
 
-echo "openssl x509 -text -hash -out $PREFIX-ca.cacert -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline"
-$OPENSSL x509 -text -hash -out $PREFIX-ca.cacert -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline
+echo "openssl x509 -text -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline > $PREFIX-ca.cacert "
+$OPENSSL x509 -text -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline > $PREFIX-ca.cacert
 
 echo "openssl x509 -in $PREFIX-ca.cacert -outform der -out $PREFIX-ca.der "
 $OPENSSL x509 -in $PREFIX-ca.cacert -outform der -out $PREFIX-ca.der
 
-echo "openssl x509 -in $PREFIX-ca.cacert -text -out $PREFIX-ca.crt -nameopt multiline"
+echo "openssl x509 -in $PREFIX-ca.cacert -text -nameopt multiline > $PREFIX-ca.crt "
 
-$OPENSSL x509 -in $PREFIX-ca.cacert -text -out $PREFIX-ca.crt -nameopt multiline
+$OPENSSL x509 -in $PREFIX-ca.cacert -text -nameopt multiline > $PREFIX-ca.crt
 
 echo "openssl x509 -noout -text -in $PREFIX-ca.cacert -nameopt multiline"
 $OPENSSL x509 -noout -text -in $PREFIX-ca.cacert -nameopt multiline

diff --git a/tests/certs/scripts/genserv.sh b/tests/certs/scripts/genserv.sh
@@ -81,9 +81,9 @@ $OPENSSL rsa -in $PREFIX-sv.key -pubout -outform DER -out $PREFIX-sv.pub.der
 echo "openssl rsa -in $PREFIX-sv.key -pubout -outform PEM -out $PREFIX-sv.pub.pem"
 $OPENSSL rsa -in $PREFIX-sv.key -pubout -outform PEM -out $PREFIX-sv.pub.pem
 
-echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1"
+echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -text -nameopt multiline -sha1 > $PREFIX-sv.crt "
 
-$OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1
+$OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -text -nameopt multiline -sha1 > $PREFIX-sv.crt
 
 if [ "$P12." = YES. ] ; then