| 12345678910111213141516171819202122232425262728293031323334 |
- all : key.enc.pem gpgsm-params cert.der cert.pem cert.openssl-text
- key.enc.pem :
- openssl genrsa -out "$@" -aes256 2048
- subject-keygrip.hex : key.enc.pem
- openssl rsa -in "$<" \
- | openssl pkcs12 -export -nocerts -passout pass: \
- | gpgsm --import 2>&1 \
- | grep -Po 'keygrip=\s*\K.*' | sed 's/ //g' >$@
- gpgsm-params : gpgsm-params-template subject-keygrip.hex issuer-keygrip.hex expiry-datetime
- ./prepare-gpgsm-params --template gpgsm-params-template \
- --subject-keygrip "$(shell cat subject-keygrip.hex)" \
- --issuer-keygrip "$(shell cat issuer-keygrip.hex)" \
- --expiry-datetime "$(shell date --iso-8601=seconds --date="$(shell cat expiry-datetime)")" \
- > $@
- cert.der : gpgsm-params
- gpgsm --gen-key --batch --output $@ < $^
- cert.pem : cert.der
- openssl x509 -inform der -in $^ -outform pem -out $@
- cert.openssl-text : cert.pem
- openssl x509 -in $^ -text -noout > $@
- clean :
- -shred key.enc.pem && rm key.enc.pem
- -trash subject-keygrip.hex
- -trash gpgsm-params
- -trash cert.der
- -trash cert.pem
- -trash cert.openssl-text
|
