-
Notifications
You must be signed in to change notification settings - Fork 102
/
common.mk
99 lines (77 loc) · 2.32 KB
/
common.mk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# -*- mode: BSDmakefile; tab-width: 8; indent-tabs-mode: nil -*-
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at https://mozilla.org/MPL/2.0/.
#
# Copyright (c) 2007-2014 VMware, Inc. or its affiliates. All rights reserved.
# Copyright (c) 2014-2022 Michael Klishin and contributors.
# Copyright (c) 2022 VMware, Inc. or its affiliates. All rights reserved.
OPENSSL = openssl
ifndef PYTHON
PYTHON := python3
endif
ifndef CN
CN := $(shell hostname)
endif
ifndef CLIENT_ALT_NAME
CLIENT_ALT_NAME := $(shell hostname)
endif
ifndef SERVER_ALT_NAME
SERVER_ALT_NAME := $(shell hostname)
endif
ifndef NUMBER_OF_PRIVATE_KEY_BITS
NUMBER_OF_PRIVATE_KEY_BITS := 2048
endif
ifndef DAYS_OF_VALIDITY
DAYS_OF_VALIDITY := 3650
endif
ifndef ECC_CURVE
ECC_CURVE := "prime256v1"
endif
ifndef USE_ECC
USE_ECC := false
endif
ifeq ($(USE_ECC),true)
ECC_FLAGS := --use-ecc --ecc-curve $(ECC_CURVE)
endif
PASS := ""
ifdef PASSWORD
PASS = "$(PASSWORD)"
endif
all: regen verify
clean:
$(PYTHON) profile.py clean --common-name '$(CN)'
gen:
$(PYTHON) profile.py generate --password $(PASS) \
--common-name '$(CN)' \
--client-alt-name $(CLIENT_ALT_NAME) \
--server-alt-name $(SERVER_ALT_NAME) \
--days-of-validity $(DAYS_OF_VALIDITY) \
--key-bits $(NUMBER_OF_PRIVATE_KEY_BITS) $(ECC_FLAGS)
gen-client:
$(PYTHON) profile.py generate-client --password $(PASS) \
--common-name '$(CN)' \
--client-alt-name $(CLIENT_ALT_NAME) \
--days-of-validity $(DAYS_OF_VALIDITY) \
--key-bits $(NUMBER_OF_PRIVATE_KEY_BITS) $(ECC_FLAGS)
gen-server:
$(PYTHON) profile.py generate-server --password $(PASS) \
--common-name '$(CN)' \
--server-alt-name $(SERVER_ALT_NAME) \
--days-of-validity $(DAYS_OF_VALIDITY) \
--key-bits $(NUMBER_OF_PRIVATE_KEY_BITS) $(ECC_FLAGS)
regen:
$(PYTHON) profile.py regenerate --password $(PASS) \
--common-name '$(CN)' \
--client-alt-name $(CLIENT_ALT_NAME) \
--server-alt-name $(SERVER_ALT_NAME) \
--days-of-validity $(DAYS_OF_VALIDITY) \
--key-bits $(NUMBER_OF_PRIVATE_KEY_BITS) $(ECC_FLAGS)
info:
$(PYTHON) profile.py info --common-name '$(CN)'
verify:
$(PYTHON) profile.py verify --common-name '$(CN)'
alias-leaf-artifacts:
$(PYTHON) profile.py alias-leaf-artifacts --common-name '$(CN)'
help:
$(PYTHON) profile.py --help