/*
* gnome-keyring
*
* Copyright (C) 2010 Collabora Ltd.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, see <http://www.gnu.org/licenses/>.
*
* Author: Stef Walter <stefw@collabora.co.uk>
*/
#include "config.h"
#include "console-interaction.h"
#include "gcr/gcr-base.h"
#include "egg/egg-armor.h"
#include <unistd.h>
#include <string.h>
#include <errno.h>
/* Common name set on the generated certificate request; main() supplies a default when this is still NULL. */
const gchar *cn_name = NULL;
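/*
 * Look up the first PKCS#11 object matching @uri across the registered
 * modules.
 *
 * Sessions are opened with GCK_SESSION_LOGIN_USER | GCK_SESSION_READ_ONLY, so
 * a token may ask for its PIN; that prompt is routed through the console
 * interaction attached to the enumerator.
 *
 * Returns the matching object, or NULL when the enumerator yields nothing.
 * The caller owns the returned reference and must g_object_unref() it.
 * Any PKCS#11 initialization, URI or enumeration error aborts the program.
 */
static GckObject *
load_key_for_uri (const gchar *uri)
{
	GError *error = NULL;
	GTlsInteraction *interaction;
	GckEnumerator *enumerator;
	GList *modules;
	GckObject *key;

	gcr_pkcs11_initialize (NULL, &error);
	g_assert_no_error (error);

	modules = gcr_pkcs11_get_modules ();
	enumerator = gck_modules_enumerate_uri (modules, uri, GCK_SESSION_LOGIN_USER |
	                                        GCK_SESSION_READ_ONLY, &error);
	gck_list_unref_free (modules);

	/*
	 * The URI comes straight from the command line. If it cannot be turned
	 * into an enumerator, stop here with the reason instead of handing a
	 * NULL enumerator (and an already-set GError) to the calls below.
	 */
	if (enumerator == NULL)
		g_error ("couldn't enumerate uri: %s: %s", uri,
		         error != NULL ? error->message : "unknown error");

	/* The enumerator holds its own reference to the interaction. */
	interaction = console_interaction_new ();
	gck_enumerator_set_interaction (enumerator, interaction);
	g_object_unref (interaction);

	/* Only the first match is used; further matches are ignored. */
	key = gck_enumerator_next (enumerator, NULL, &error);
	g_assert_no_error (error);
	g_object_unref (enumerator);

	return key;
}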
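/*
 * Build a PKCS#10 certificate request for the key named by @uri and write the
 * encoded request to standard output.
 *
 * The request's common name is taken from the global cn_name. If the key
 * cannot be used for certificate requests a message is printed and the
 * function returns without output; lookup, signing, encoding and write
 * failures abort the program.
 */
static void
test_request (const gchar *uri)
{
	GcrCertificateRequest *req;
	GError *error = NULL;
	GckObject *key;
	guchar *data;
	const guchar *cursor;
	gsize n_data = 0;
	gsize remaining;
	ssize_t written;

	key = load_key_for_uri (uri);
	if (key == NULL)
		g_error ("couldn't find key for uri: %s", uri);

	/* FALSE with no error set means "not capable"; FALSE with an error is a failure. */
	if (!gcr_certificate_request_capable (key, NULL, &error)) {
		if (error != NULL)
			g_error ("error checking key capabilities: %s", error->message);
		g_clear_error (&error);
		g_printerr ("frob-certificate-request: key doesn't have right capabilities\n");
		g_object_unref (key);
		return;
	}

	/* Our reference to the key is dropped as soon as the request is prepared. */
	req = gcr_certificate_request_prepare (GCR_CERTIFICATE_REQUEST_PKCS10, key);
	g_object_unref (key);

	gcr_certificate_request_set_cn (req, cn_name);
	gcr_certificate_request_complete (req, NULL, &error);
	g_assert_no_error (error);

	/* TRUE asks for the textual (armored) encoding rather than raw DER. */
	data = gcr_certificate_request_encode (req, TRUE, &n_data);
	g_object_unref (req);
	if (data == NULL)
		g_error ("failed to encode certificate request");

	/*
	 * write() may accept fewer bytes than requested (pipes, signals); keep
	 * going until the whole request is out so a truncated CSR is never
	 * emitted as if it were complete.
	 */
	cursor = data;
	remaining = n_data;
	while (remaining > 0) {
		written = write (STDOUT_FILENO, cursor, remaining);
		if (written < 0) {
			if (errno == EINTR)
				continue;
			g_error ("failed to write: %s", g_strerror (errno));
		}
		cursor += written;
		remaining -= (gsize)written;
	}

	g_free (data);
}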
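/*
 * Entry point: expects a pkcs11: URI naming a key as the first argument and
 * writes a certificate request for that key to standard output.
 *
 * Returns 0 after running the request, 2 when no URI was given.
 */
int
main(int argc, char *argv[])
{
	g_set_prgname ("frob-certificate-request");

	/*
	 * Without a URI there is nothing to look up. Stop here so that argv[1]
	 * (NULL in that case) is never passed on as the key URI.
	 */
	if (argc <= 1) {
		g_printerr ("frob-certificate-request: specify pkcs11: url of key\n");
		return 2;
	}

	/* Nothing in this file sets cn_name before this point, so the default applies. */
	if (cn_name == NULL)
		cn_name = g_strdup ("name.example.com");

	test_request (argv[1]);
	return 0;
}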