TARGETS := ca-key.pem ca-cert.pem 2048b-rsa-example-keypair.pem 2048b-rsa-example-keypair.der 2048b-rsa-example-request.pem 2048b-rsa-example-request.der 2048b-rsa-example-cert.pem 2048b-rsa-example-cert.der 2048b-rsa-example.p12 2048b-rsa-example.p12.txt chain.pem chain.p12 chain.p12.txt

.PHONY: all
all: $(TARGETS)

ca-key.pem:
	@echo Generate a private key for the self-signed CA
	openssl genrsa 2048 > ca-key.pem

ca-cert.pem: ca-key.pem
	@echo Generate the X509 certificate for the self-signed CA
	openssl req -new -x509 -nodes -days 365000 -key ca-key.pem -out ca-cert.pem -subj "/C=SG/L=Singapore/CN=LCK Test CA"

2048b-rsa-example-keypair.pem:
	@echo Create PEM key
	openssl genrsa 2048 > 2048b-rsa-example-keypair.pem

2048b-rsa-example-keypair.der: 2048b-rsa-example-keypair.pem
	@echo Convert PEM to DER key
	openssl rsa -inform PEM -in 2048b-rsa-example-keypair.pem -outform DER -out 2048b-rsa-example-keypair.der

2048b-rsa-example-request.pem: 2048b-rsa-example-keypair.pem
	@echo Create PEM request
	openssl req -new -key 2048b-rsa-example-keypair.pem -out 2048b-rsa-example-request.pem -subj "/C=SG/L=Singapore/CN=LCK Test Signing Key"

2048b-rsa-example-request.der: 2048b-rsa-example-request.pem
	@echo Convert PEM to DER request
	openssl req -inform PEM -in 2048b-rsa-example-request.pem -outform DER -out 2048b-rsa-example-request.der

2048b-rsa-example-cert.pem: 2048b-rsa-example-request.pem ca-cert.pem ca-key.pem
	@echo Create PEM certificate
	openssl x509 -req -in 2048b-rsa-example-request.pem -days 1825 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 0x01 > 2048b-rsa-example-cert.pem

2048b-rsa-example-cert.der:
	@echo Convert PEM to DER certificate
	openssl x509 -inform PEM -in 2048b-rsa-example-cert.pem -outform DER -out 2048b-rsa-example-cert.der

2048b-rsa-example.p12: 2048b-rsa-example-cert.pem 2048b-rsa-example-keypair.pem
	@echo Create PKCS12 certificate bundle
	openssl pkcs12 -in 2048b-rsa-example-cert.pem -inkey 2048b-rsa-example-keypair.pem -export -out 2048b-rsa-example.p12 -passout pass:test

2048b-rsa-example.p12.txt: 2048b-rsa-example.p12
	@echo Analyze/Verify the certificate Bundle
	openssl pkcs12 -info -in 2048b-rsa-example.p12 -out 2048b-rsa-example.p12.txt -passin pass:test -passout pass:test

chain.pem: 2048b-rsa-example-cert.pem ca-cert.pem
	@echo Create PEM with cert chain
	cat 2048b-rsa-example-cert.pem ca-cert.pem > chain.pem

chain.p12: chain.pem 2048b-rsa-example-keypair.pem
	@echo Create PKCS12 certificate chain bundle
	openssl pkcs12 -in chain.pem -inkey 2048b-rsa-example-keypair.pem -export -out chain.p12 -passout pass:test

chain.p12.txt: chain.p12
	@echo Analyze certificate chain bundle
	openssl pkcs12 -info -in chain.p12 -out chain.p12.txt -passin pass:test -passout pass:test

.PHONY: clean
clean:
	rm -f $(TARGETS)