diff options
author | Linus Nordberg <linus@sunet.se> | 2020-01-03 05:35:55 +0100 |
---|---|---|
committer | Linus Nordberg <linus@sunet.se> | 2020-01-03 05:35:55 +0100 |
commit | a1eb245c4bd4ce5527fcd601c7c553d0e4b74fc5 (patch) | |
tree | eb2fca50f7ae87dc350c7c3b7fd19cd20a126db1 /tests | |
parent | c4cae39157b8aae5320116de9e93261b396227d1 (diff) |
generate openssl config files
Also, no .pem on sigfile names.
Diffstat (limited to 'tests')
-rw-r--r-- | tests/Makefile | 31 | ||||
-rw-r--r-- | tests/openssl.direct.cnf | 11 | ||||
-rw-r--r-- | tests/openssl.p11p.cnf | 11 |
3 files changed, 23 insertions, 30 deletions
diff --git a/tests/Makefile b/tests/Makefile index b664790..2432680 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -14,12 +14,9 @@ export SOFTHSM2_CONF = $(SOFTHSM_DIR)/softhsm2.conf all: direct-softhsm p11p-softhsm -p11p-softhsm: testsig.hsm.p11p.pem +p11p-softhsm: openssl.p11p.cnf testsig.hsm.p11p echo "$(TEXT)" | ./do-verify.sh $< $(P11P_PROVIDER) ./openssl.p11p.cnf $(SOFTHSM_PROVIDER) -direct-softhsm: testsig.hsm.pem - echo "$(TEXT)" | ./do-verify.sh $< $(SOFTHSM_PROVIDER) ./openssl.direct.cnf - softhsm-token-setup: softhsm-token-setup.stamp softhsm-token-setup.stamp: softhsm/tokens testkey.pkcs8 test -x $(SOFTHSM) @@ -37,19 +34,37 @@ testkey.pkcs8: testkey.pem testkey.pem: openssl genrsa -out $@ 2048 -testsig.local.pem: testkey.pem +testsig.local: testkey.pem echo "$(TEXT)" | openssl dgst -sha256 -sign testkey.pem -out $@ -testsig.hsm.pem: softhsm-token-setup +testsig.hsm: softhsm-token-setup echo "$(TEXT)" | ./do-sign.sh $@ $(SOFTHSM_PROVIDER) ./openssl.direct.cnf -testsig.hsm.p11p.pem: softhsm-token-setup +testsig.hsm.p11p: openssl.p11p.cnf softhsm-token-setup echo "$(TEXT)" | ./do-sign.sh $@ $(P11P_PROVIDER) ./openssl.p11p.cnf $(SOFTHSM_PROVIDER) +direct-softhsm: testsig.hsm openssl.direct.cnf + echo "$(TEXT)" | ./do-verify.sh $< $(SOFTHSM_PROVIDER) ./openssl.direct.cnf + +openssl.direct.cnf: openssl.template.cnf + sed -e "s!@@P11P_PROVIDER@@!$(SOFTHSM_PROVIDER)!1" <$^ >$@ + +openssl.p11p.cnf: openssl.template.cnf + sed -e "s!@@P11P_PROVIDER@@!$(P11P_PROVIDER)!1" <$^ >$@ + + +openssl.template.cnf: + printf "openssl_conf = openssl_init\n" >> $@ + printf "[openssl_init]\nengines=engine_section\n" >> $@ + printf "[engine_section]\npkcs11 = pkcs11_section\n" >> $@ + printf "[pkcs11_section]\ndynamic_path = /usr/lib/x86_64-linux-gnu/engines-1.1/pkcs11.so\n" >> $@ + printf "MODULE_PATH = @@P11P_PROVIDER@@\n" >> $@ + clean: -rm -r softhsm -rm softhsm-token-setup.stamp -rm testkey.pem testkey.pkcs8 - -rm testsig.*.pem + -rm testsig.* + -rm openssl.*.cnf .PHONY: clean diff --git a/tests/openssl.direct.cnf b/tests/openssl.direct.cnf deleted file mode 100644 index a1add57..0000000 --- a/tests/openssl.direct.cnf +++ /dev/null @@ -1,11 +0,0 @@ -openssl_conf = openssl_init - -[openssl_init] -engines=engine_section - -[engine_section] -pkcs11 = pkcs11_section - -[pkcs11_section] -dynamic_path = /usr/lib/x86_64-linux-gnu/engines-1.1/pkcs11.so -MODULE_PATH = /usr/lib/softhsm/libsofthsm2.so diff --git a/tests/openssl.p11p.cnf b/tests/openssl.p11p.cnf deleted file mode 100644 index 4037045..0000000 --- a/tests/openssl.p11p.cnf +++ /dev/null @@ -1,11 +0,0 @@ -openssl_conf = openssl_init - -[openssl_init] -engines=engine_section - -[engine_section] -pkcs11 = pkcs11_section - -[pkcs11_section] -dynamic_path = /usr/lib/x86_64-linux-gnu/engines-1.1/pkcs11.so -MODULE_PATH = /usr/local/lib/pkcs11/p11-kit-client.so |