diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index a7517bf781..2029f4f1c8 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -1272,7 +1272,7 @@ pkcs7_test_cert_3 = pkcs7-rsa-sha256-3.crt
 pkcs7_test_file = pkcs7_data.bin
 
 $(pkcs7_test_file):
-	echo -e "Hello\xd" > $@
+	printf "Hello\15\n" > $@
 all_final += $(pkcs7_test_file)
 
 pkcs7_zerolendata.bin:
@@ -1280,7 +1280,7 @@ pkcs7_zerolendata.bin:
 all_final += pkcs7_zerolendata.bin
 
 pkcs7_data_1.bin:
-	echo -e "2\xd" > $@
+	printf "2\15\n" > $@
 all_final += pkcs7_data_1.bin
 
 # Generate signing cert
@@ -1360,31 +1360,31 @@ all_final += pkcs7_data_multiple_certs_signed.der
 # pkcs7 signature file with corrupted CERT
 pkcs7_data_signed_badcert.der: pkcs7_data_cert_signed_sha256.der
 	cp pkcs7_data_cert_signed_sha256.der $@
-	echo -en '\xa1' | dd of=$@ bs=1 seek=547 conv=notrunc
+	echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=547 conv=notrunc
 all_final += pkcs7_data_signed_badcert.der
 
 # pkcs7 signature file with corrupted signer info
 pkcs7_data_signed_badsigner.der: pkcs7_data_cert_signed_sha256.der
 	cp pkcs7_data_cert_signed_sha256.der $@
-	echo -en '\xa1' | dd of=$@ bs=1 seek=918 conv=notrunc
+	echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=918 conv=notrunc
 all_final += pkcs7_data_signed_badsigner.der
 
 # pkcs7 signature file with invalid tag in signerInfo[1].serial after long issuer name
 pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der: pkcs7_data_multiple_signed.der
 	cp $< $@
-	echo -en '\xa1' | dd of=$@ bs=1 seek=498 conv=notrunc
+	echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=498 conv=notrunc
 all_final += pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der
 
 # pkcs7 signature file with invalid tag in signerInfo[2]
 pkcs7_signerInfo_2_invalid_tag.der: pkcs7_data_3_signed.der
 	cp $< $@
-	echo -en '\xa1' | dd of=$@ bs=1 seek=810 conv=notrunc
+	echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=810 conv=notrunc
 all_final += pkcs7_signerInfo_2_invalid_tag.der
 
 # pkcs7 file with version 2
 pkcs7_data_cert_signed_v2.der: pkcs7_data_cert_signed_sha256.der
 	cp pkcs7_data_cert_signed_sha256.der $@
-	echo -en '\x02' | dd of=$@ bs=1 seek=25 conv=notrunc
+	echo '02' | xxd -r -p | dd of=$@ bs=1 seek=25 conv=notrunc
 all_final += pkcs7_data_cert_signed_v2.der
 
 pkcs7_data_cert_encrypted.der: $(pkcs7_test_file) $(pkcs7_test_cert_1)
@@ -1395,12 +1395,12 @@ all_final += pkcs7_data_cert_encrypted.der
 # For some interesting sizes, what happens if we make them off-by-one?
 pkcs7_signerInfo_issuer_invalid_size.der: pkcs7_data_cert_signed_sha256.der
 	cp $< $@
-	echo -en '\x35' | dd of=$@ seek=919 bs=1 conv=notrunc
+	echo '35' | xxd -r -p | dd of=$@ seek=919 bs=1 conv=notrunc
 all_final += pkcs7_signerInfo_issuer_invalid_size.der
 
 pkcs7_signerInfo_serial_invalid_size.der: pkcs7_data_cert_signed_sha256.der
 	cp $< $@
-	echo -en '\x15' | dd of=$@ seek=973 bs=1 conv=notrunc
+	echo '15' | xxd -r -p | dd of=$@ seek=973 bs=1 conv=notrunc
 all_final += pkcs7_signerInfo_serial_invalid_size.der
 
 # pkcs7 signature file just with signed data