/*

 * gnome-keyring

 *

 * Copyright (C) 2010 Collabora Ltd.

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU Lesser General Public License as

 * published by the Free Software Foundation; either version 2.1 of

 * the License, or (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful, but

 * WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

 * Lesser General Public License for more details.

 *

 * You should have received a copy of the GNU Lesser General Public

 * License along with this program; if not, see <http://www.gnu.org/licenses/>.

 *

 * Author: Stef Walter <stefw@collabora.co.uk>

 */

#include "config.h"

#include "console-interaction.h"

#include "gcr/gcr-base.h"

#include "egg/egg-armor.h"

#include <unistd.h>

#include <string.h>

#include <errno.h>

const gchar *cn_name = NULL;

static GckObject *

load_key_for_uri (const gchar *uri)

{

	GError *error = NULL;

	GTlsInteraction *interaction;

	GckEnumerator *enumerator;

	GList *modules;

	GckObject *key;

	gcr_pkcs11_initialize (NULL, &error);

	g_assert_no_error (error);

	modules = gcr_pkcs11_get_modules ();

	enumerator = gck_modules_enumerate_uri (modules, uri, GCK_SESSION_LOGIN_USER |

	                                        GCK_SESSION_READ_ONLY, &error);

	gck_list_unref_free (modules);

	interaction = console_interaction_new ();

	gck_enumerator_set_interaction (enumerator, interaction);

	g_object_unref (interaction);

	key = gck_enumerator_next (enumerator, NULL, &error);

	g_assert_no_error (error);

	g_object_unref (enumerator);

	return key;

}

static void

test_request (const gchar *uri)

{

	GcrCertificateRequest *req;

	GError *error = NULL;

	GckObject *key;

	guchar *data;

	gsize n_data;

	key = load_key_for_uri (uri);

	if (key == NULL)

		g_error ("couldn't find key for uri: %s", uri);

	if (!gcr_certificate_request_capable (key, NULL, &error)) {

		if (error != NULL)

			g_error ("error checking key capabilities: %s", error->message);

		g_clear_error (&error);

		g_printerr ("frob-certificate-request: key doesn't have right capabilities");

		g_object_unref (key);

		return;

	}

	req = gcr_certificate_request_prepare (GCR_CERTIFICATE_REQUEST_PKCS10, key);

	g_object_unref (key);

	gcr_certificate_request_set_cn (req, cn_name);

	gcr_certificate_request_complete (req, NULL, &error);

	g_assert_no_error (error);

	data = gcr_certificate_request_encode (req, TRUE, &n_data);

	if (write (1, data, n_data) < 0)

		g_error ("failed to write: %s", g_strerror (errno));

	g_free (data);

}

int

main(int argc, char *argv[])

{

	g_set_prgname ("frob-certificate-request");

	if (argc <= 1)

		g_printerr ("frob-certificate-request: specify pkcs11: url of key");

	if (cn_name == NULL)

		cn_name = g_strdup ("name.example.com");

	test_request (argv[1]);

	return 0;

}