From 59dc4f482b32e495b2bfa48a4bc7fd4e526dbc40 Mon Sep 17 00:00:00 2001
From: Anthony Hu
Date: Tue, 26 Oct 2021 16:53:56 -0400
Subject: [PATCH] Change generated file names to reflect NIST levels and some other cosmetic fixes.
---
 certmanager/README.md | 2 +-
 certmanager/generate_falcon_chains.sh | 36 +++++++++++++--------------
 2 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/certmanager/README.md b/certmanager/README.md
index 20d22859..d4ac6779 100644
--- a/certmanager/README.md
+++ b/certmanager/README.md
@@ -20,7 +20,7 @@ downloading and building their OpenSSL fork can be found here:
 https://github.com/open-quantum-safe/openssl/releases/tag/OQS-OpenSSL_1_1_1-stable-snapshot-2021-08
-Note that installation of the OpenSSL fork is NOT neccessary.a
+Note that installation of the OpenSSL fork is NOT neccessary.
 The `generate_falcon_chains.sh` script will allow you to use the OQS project's OpenSSL in order to generate a self-signed CA certificate and entity
diff --git a/certmanager/generate_falcon_chains.sh b/certmanager/generate_falcon_chains.sh
index bd97c6b5..fc361f86 100755
--- a/certmanager/generate_falcon_chains.sh
+++ b/certmanager/generate_falcon_chains.sh
@@ -1,6 +1,6 @@
-#!/bin/bash
+#!/bin/bash
-# Script to generate Falcon 512 and Falcon1024 certificate chains.
+# Script to generate Falcon NIST Level 1 and 5 certificate chains.
 #
 # Copyright 2021 wolfSSL Inc. All rights reserved.
 # Original Author: Anthony Hu.
@@ -54,42 +54,42 @@ keyUsage = critical, digitalSignature\n\
 extendedKeyUsage = critical, serverAuth,clientAuth\n" > entity.conf
 ###############################################################################
-# Falcon 512
+# Falcon NIST Level 1
 ###############################################################################
-# Generate root key and entity private keys.
-${OPENSSL} genpkey -algorithm falcon512 -outform pem -out falcon512_root_key.pem
-${OPENSSL} genpkey -algorithm falcon512 -outform pem -out falcon512_entity_key.pem
+# Generate root key and entity private keys.
+${OPENSSL} genpkey -algorithm falcon512 -outform pem -out falcon_level1_root_key.pem
+${OPENSSL} genpkey -algorithm falcon512 -outform pem -out falcon_level1_entity_key.pem
 # Generate the root certificate
-${OPENSSL} req -x509 -config root.conf -extensions ca_extensions -days 365 -set_serial 512 -key falcon512_root_key.pem -out falcon512_root_cert.pem
+${OPENSSL} req -x509 -config root.conf -extensions ca_extensions -days 365 -set_serial 512 -key falcon_level1_root_key.pem -out falcon_level1_root_cert.pem
 # Generate the entity CSR.
-${OPENSSL} req -new -config entity.conf -key falcon512_entity_key.pem -out falcon512_entity_req.pem
+${OPENSSL} req -new -config entity.conf -key falcon_level1_entity_key.pem -out falcon_level1_entity_req.pem
 # Generate the entity X.509 certificate.
-${OPENSSL} x509 -req -in falcon512_entity_req.pem -CA falcon512_root_cert.pem -CAkey falcon512_root_key.pem -extfile entity.conf -extensions x509v3_extensions -days 365 -set_serial 513 -out falcon512_entity_cert.pem
+${OPENSSL} x509 -req -in falcon_level1_entity_req.pem -CA falcon_level1_root_cert.pem -CAkey falcon_level1_root_key.pem -extfile entity.conf -extensions x509v3_extensions -days 365 -set_serial 513 -out falcon_level1_entity_cert.pem
 ###############################################################################
-# Falcon 1024
+# Falcon NIST Level 5
 ###############################################################################
-# Generate root key and entity private keys.
-${OPENSSL} genpkey -algorithm falcon1024 -outform pem -out falcon1024_root_key.pem
-${OPENSSL} genpkey -algorithm falcon1024 -outform pem -out falcon1024_entity_key.pem
+# Generate root key and entity private keys.
+${OPENSSL} genpkey -algorithm falcon1024 -outform pem -out falcon_level5_root_key.pem
+${OPENSSL} genpkey -algorithm falcon1024 -outform pem -out falcon_level5_entity_key.pem
 # Generate the root certificate
-${OPENSSL} req -x509 -config root.conf -extensions ca_extensions -days 365 -set_serial 1024 -key falcon1024_root_key.pem -out falcon1024_root_cert.pem
+${OPENSSL} req -x509 -config root.conf -extensions ca_extensions -days 365 -set_serial 1024 -key falcon_level5_root_key.pem -out falcon_level5_root_cert.pem
 # Generate the entity CSR.
-${OPENSSL} req -new -config entity.conf -key falcon1024_entity_key.pem -out falcon1024_entity_req.pem
+${OPENSSL} req -new -config entity.conf -key falcon_level5_entity_key.pem -out falcon_level5_entity_req.pem
 # Generate the entity X.509 certificate.
-${OPENSSL} x509 -req -in falcon1024_entity_req.pem -CA falcon1024_root_cert.pem -CAkey falcon1024_root_key.pem -extfile entity.conf -extensions x509v3_extensions -days 365 -set_serial 1025 -out falcon1024_entity_cert.pem
+${OPENSSL} x509 -req -in falcon_level5_entity_req.pem -CA falcon_level5_root_cert.pem -CAkey falcon_level5_root_key.pem -extfile entity.conf -extensions x509v3_extensions -days 365 -set_serial 1025 -out falcon_level5_entity_cert.pem
 ###############################################################################
 # Verify all generated certificates.
 ###############################################################################
-${OPENSSL} verify -no-CApath -check_ss_sig -CAfile falcon512_root_cert.pem falcon512_entity_cert.pem
-${OPENSSL} verify -no-CApath -check_ss_sig -CAfile falcon1024_root_cert.pem falcon1024_entity_cert.pem
+${OPENSSL} verify -no-CApath -check_ss_sig -CAfile falcon_level1_root_cert.pem falcon_level1_entity_cert.pem
+${OPENSSL} verify -no-CApath -check_ss_sig -CAfile falcon_level5_root_cert.pem falcon_level5_entity_cert.pem
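Review bot: None of the rewritten `${OPENSSL}` command lines in this hunk checks its exit status, and the script ends on the level-5 `verify`, so a failed `genpkey`, `req`, `x509` or level-1 `verify` would not change the script's result unless `set -e` is enabled in the part of the script outside this hunk (old lines 7–53 are not shown). A run that fails part-way could then leave key and certificate files from different runs side by side under the same `falcon_level*` names. I would either add `set -e` below the header comment or end each command with `|| exit 1`, for example `"${OPENSSL}" verify -no-CApath -check_ss_sig -CAfile falcon_level1_root_cert.pem falcon_level1_entity_cert.pem || exit 1`. Quoting `"${OPENSSL}"` as in that example also keeps a path containing spaces from being word-split, assuming the variable holds only the binary path; its definition is outside the hunk.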