# Include this file and set the following make variables or use the
# defaults.

# LOGNAME = name of the log to create
LOGNAME ?= $$(basename $$PWD)

# HSM_SO_PIN = SoftHSM "security officer PIN"
HSM_SO_PIN ?= f0f0

# HSM_PIN = SoftHSM PIN
HSM_PIN ?= fefe

# MKLOG = python script for creating all the keys
MKLOG ?= ./mklog.py

# SOFTHSM_BASE_DIR = base directory for SoftHSMv2 installation
SOFTHSM_BASE_DIR ?= ~/usr

# SOFTHSM_UTIL = full path to softhsm2-util from SoftHSMv2
SOFTHSM_UTIL ?= $(SOFTHSM_BASE_DIR)/bin/softhsm2-util

# CATLFISH_SRC = path to catlfish source code
CATLFISH_SRC ?= ~/usr/src/catlfish

log: httpscerts publickeys $(LOGNAME).pem

mklog:
	$(MKLOG) --logname $(LOGNAME) $(LOGNAME).cfg

httpscerts publickeys $(LOGNAME)-private.pem: mklog

$(LOGNAME).pem: $(LOGNAME)-private.pem $(SOFTHSM_UTIL)
	openssl pkcs8 -topk8 -nocrypt \
		-in $(LOGNAME)-private.pem -out $(LOGNAME)-private.pkcs8
	chmod 600 $(LOGNAME)-private.pkcs8
	$(SOFTHSM_UTIL) --init-token --slot 0 --label $(LOGNAME) \
		--so-pin $(HSM_SO_PIN) --pin $(HSM_PIN)
	$(SOFTHSM_UTIL) --import $(LOGNAME)-private.pkcs8 --slot 0 \
		--label $(LOGNAME) --pin $(HSM_PIN) --id 00