sources = $(shell find src -name '*.java')
classes = $(sources:src/%.java=build/%.class)
dats = org/ibex/net/ssl/rootcerts.dat
+cacertificates_version = 20050518
jar_sources = \
$(shell find src/org/ibex/crypto -name '*.java') \
# We should probably verify this file somehow
tmp/.havecacerts:
@mkdir -p tmp
- wget -O - http://ftp.debian.org/debian/pool/main/c/ca-certificates/ca-certificates_20020323.tar.gz | gzip -dc | tar -C tmp -xf-
- cd tmp/ca-certificates/mozilla && \
+ wget -O - http://ftp.debian.org/debian/pool/main/c/ca-certificates/ca-certificates_$(cacertificates_version).tar.gz | gzip -dc | tar -C tmp -xf-
+ cd tmp/ca-certificates-$(cacertificates_version)/mozilla && \
make all; \
- for f in *.pem; do \
+ for f in *.crt; do \
openssl x509 -in "$$f" -out "$$f.der" -outform der; \
done
touch $@
-update-rootcerts: tmp/.havecacerts src/org/ibex/net/ssl/GenCompactCAList.java
- java -cp build org.ibex.net.ssl.GenCompactCAList binary tmp/ca-certificates/mozilla/*.der > src/org/ibex/net/ssl/rootcerts.dat
- java -cp build org.ibex.net.ssl.GenCompactCAList class tmp/ca-certificates/mozilla/*.der > src/org/ibex/net/ssl/RootCerts.java
+tmp/.havebouncycastle:
+ @mkdir -p tmp
+ test -d tmp/lcrypto-jdk11-128 || wget -O - http://www.bouncycastle.org/download/lcrypto-jdk11-128.tar.gz | gzip -dc | tar -C tmp -xf -
+ javac -d build $(shell find tmp/lcrypto-jdk11-128/src -name '*.java' ! -path '*/test/*')
+ touch $@
+
+build/GenCompactCAList.class: tools/GenCompactCAList.java tmp/.havebouncycastle
+ javac -classpath build -d build $<
+
+update-rootcerts: tmp/.havecacerts build/GenCompactCAList.class
+ java -cp build GenCompactCAList binary tmp/ca-certificates-$(cacertificates_version)/mozilla/*.der > src/org/ibex/net/ssl/rootcerts.dat
+ java -cp build GenCompactCAList class tmp/ca-certificates-$(cacertificates_version)/mozilla/*.der > src/org/ibex/net/ssl/RootCerts.java
sizecheck:
@for c in $(jar_classes); do \
-package org.ibex.net.ssl;
import java.io.*;
-//import org.bouncycastle.asn1.*;
-//import org.bouncycastle.asn1.x509.*;
+import org.bouncycastle.asn1.*;
+import org.bouncycastle.asn1.x509.*;
public class GenCompactCAList {
- /*
public static void main(String[] args) throws Exception {
if(args.length < 2) throw new Exception("Usage: GenCAList format file(s)");
String format = args[0];
- DER.EncodableVector vec = new DEREncodableVector();
+ DEREncodableVector vec = new DEREncodableVector();
for(int i=1;i<args.length;i++) {
- X509.CertificateStructure x509 = new X509.CertificateStructure((ASN1Sequence) new ASN1InputStream(new FileInputStream(args[i])).readObject());
- X509.Name subject = x509.getSubject();
+ X509CertificateStructure x509 = new X509CertificateStructure((ASN1Sequence) new ASN1InputStream(new FileInputStream(args[i])).readObject());
+ X509Name subject = x509.getSubject();
SubjectPublicKeyInfo pki = x509.getSubjectPublicKeyInfo();
- RSA.PublicKeyStructure rsa = new RSA.PublicKeyStructure((ASN1Sequence) pki.getPublicKey());
- DER.EncodableVector vec2 = new DEREncodableVector();
+ RSAPublicKeyStructure rsa = new RSAPublicKeyStructure((ASN1Sequence) pki.getPublicKey());
+ DEREncodableVector vec2 = new DEREncodableVector();
vec2.add(subject);
vec2.add(rsa);
vec.add(new DERSequence(vec2));
}
if(format.equals("binary")) {
- DER.OutputStream dos = new DEROutputStream(System.out);
+ DEROutputStream dos = new DEROutputStream(System.out);
dos.writeObject(new DERSequence(vec));
dos.close();
} else if(format.equals("class")){
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- DER.OutputStream dos = new DEROutputStream(baos);
+ DEROutputStream dos = new DEROutputStream(baos);
dos.writeObject(new DERSequence(vec));
dos.close();
baos.close();
}
return new String(buf);
}
- */
}