Archives
/
SSLproxy
mirror of https://github.com/sonertari/SSLproxy
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
develop
master
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.7.0
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2d1ad219b9'
${ noResults }
SSLproxy/extra/pki/GNUmakefile

115 lines
2.8 KiB
Makefile
Raw Blame History

# inherited
VERSION?= unknown
OPENSSL?= openssl
MKDIR?= mkdir
# OpenSSL settings
CA_SUBJECT?= '/C=CH/O=SSLsplit Root CA/CN=SSLsplit Root CA/'
CA_DAYS?= 3650
CA_EXT:= v3_ca
CRT_SUBJECT?= '/C=CH/O=SSLsplit Test Certificate/CN=daniel.roe.ch/'
CRT_DAYS?= 365
CRT_EXT:= v3_crt
CONFIG:= x509v3ca.cnf
PASSWORD:= test
all: rsa dsa ec targets server pwd
session: session.pem
dh: dh512.param dh1024.param dh2048.param
rsa: rsa.pem
pwd: pwd.key
dsa: dsa.pem
ec: ec.pem
server: server.pem
dh512.param:
$(OPENSSL) dhparam -out $@ -2 512
dh1024.param:
$(OPENSSL) dhparam -out $@ -2 1024
dh2048.param:
$(OPENSSL) dhparam -out $@ -2 2048
dsa.param:
$(OPENSSL) dsaparam -out $@ 1024
dsa.key: dsa.param
$(OPENSSL) gendsa -out $@ $<
rsa.key:
$(OPENSSL) genrsa -out $@ 1024
pwd.key: rsa.key
echo $(PASSWORD) | $(OPENSSL) rsa -in $< -out $@ -aes128 -passout stdin
ec.key:
$(OPENSSL) ecparam -out $@ -name prime192v1 -genkey
%.crt: %.key $(CONFIG)
$(OPENSSL) req -new -nodes -x509 -sha1 -out $@ -key $< \
-config $(CONFIG) -extensions $(CA_EXT) \
-subj $(CA_SUBJECT) \
-set_serial 0 -days $(CA_DAYS)
server.key:
$(OPENSSL) genrsa -out $@ 1024
server.crt: server.key $(CONFIG)
$(OPENSSL) req -new -nodes -x509 -sha1 -out $@ -key $< \
-config $(CONFIG) -extensions $(CRT_EXT) \
-subj $(CRT_SUBJECT) \
-set_serial 42 -days $(CRT_DAYS)
%.pem: %.crt %.key
cat $^ >$@
targets: rsa.crt
$(MKDIR) -p targets
$(OPENSSL) genrsa -out targets/daniel.roe.ch.key 1024
$(OPENSSL) req -new -sha1 -subj '/C=CH/CN=daniel.roe.ch/' \
-key targets/daniel.roe.ch.key \
-out targets/daniel.roe.ch.csr
$(OPENSSL) x509 -req -sha1 -CAcreateserial -days 365 \
-CA rsa.crt -CAkey rsa.key \
-in targets/daniel.roe.ch.csr \
-out targets/daniel.roe.ch.crt
cat targets/daniel.roe.ch.crt targets/daniel.roe.ch.key rsa.crt \
>targets/daniel.roe.ch.pem
$(RM) targets/daniel.roe.ch.{key,csr,crt}
$(OPENSSL) genrsa -out targets/wildcard.roe.ch.key 1024
$(OPENSSL) req -new -sha1 -subj '/C=CH/CN=*.roe.ch/' \
-key targets/wildcard.roe.ch.key \
-out targets/wildcard.roe.ch.csr
$(OPENSSL) x509 -req -sha1 -CAcreateserial -days 365 \
-CA rsa.crt -CAkey rsa.key \
-in targets/wildcard.roe.ch.csr \
-out targets/wildcard.roe.ch.crt
cat targets/wildcard.roe.ch.crt targets/wildcard.roe.ch.key rsa.crt \
>targets/wildcard.roe.ch.pem
$(RM) targets/wildcard.roe.ch.{key,csr,crt} rsa.srl
# openssl s_server cannot be easily controlled from scripts; it is
# more robust to just connect to a real server to create a session
session.pem:
( \
echo 'GET /test/SSLsplit-$(VERSION) HTTP/1.1'; \
echo 'Host: daniel.roe.ch'; \
echo 'Connection: close'; \
echo ) | $(OPENSSL) s_client -connect daniel.roe.ch:443 \
-quiet -crlf -no_ign_eof -sess_out $@ >/dev/null 2>&1
test -r $@
clean:
rm -rf rsa.* dsa.* ec.* dh*.param targets *.srl session.pem server.*
.PHONY: all clean rsa dsa ec dh dhall session
Reference in New Issue View Git Blame Copy Permalink