From 3b4870865882f6b8a45ff02754de8d34af314f7e Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai
Date: Feb 11 2010 04:31:52 +0000
Subject: - finish wiring PIN callbacks to the OpenSSL-specific functions
---
diff --git a/src/Makefile.am b/src/Makefile.am
index edd62eb..7b674a6 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -40,7 +40,8 @@ libcm_a_SOURCES = \
 oiddict.c \
 oiddict.h \
 pin.c \
- pin.h \
+ pin-n.h \
+ pin-o.h \
 store-files.c \
 store-gen.c \
 store.h \
diff --git a/src/certread-n.c b/src/certread-n.c
index c89097f..7cbdf30 100644
--- a/src/certread-n.c
+++ b/src/certread-n.c
@@ -40,6 +40,7 @@
 #include "certread.h"
 #include "certread-int.h"
 #include "log.h"
+#include "pin-n.h"
 #include "store.h"
 #include "store-int.h"
 #include "subproc.h"
diff --git a/src/certread-o.c b/src/certread-o.c
index 73d70b4..5353e1d 100644
--- a/src/certread-o.c
+++ b/src/certread-o.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2009 Red Hat, Inc.
+ * Copyright (C) 2009,2010 Red Hat, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -35,6 +35,7 @@
 #include "certread.h"
 #include "certread-int.h"
 #include "log.h"
+#include "pin-o.h"
 #include "store.h"
 #include "store-int.h"
 #include "subproc.h"
@@ -64,7 +65,7 @@ cm_certread_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
 }
 pem = fopen(entry->cm_cert_storage_location, "r");
 if (pem != NULL) {
- cert = PEM_read_X509(pem, NULL, NULL, NULL);
+ cert = PEM_read_X509(pem, NULL, NULL, cm_pin_read_cert(entry));
 if (cert != NULL) {
 status = 0;
 } else {
diff --git a/src/certsave-n.c b/src/certsave-n.c
index d7ec9e1..c018e8b 100644
--- a/src/certsave-n.c
+++ b/src/certsave-n.c
@@ -36,6 +36,7 @@
 #include "certsave.h"
 #include "certsave-int.h"
 #include "log.h"
+#include "pin-n.h"
 #include "store.h"
 #include "store-int.h"
 #include "subproc.h"
diff --git a/src/certsave-o.c b/src/certsave-o.c
index 2be7614..47b234e 100644
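Review bot: The string returned by `cm_pin_read_cert(entry)` is passed inline as the last argument of `PEM_read_X509` in the certread-o.c hunk and never stored, so nothing in this function can wipe or free it once the read is done. Ownership of that buffer is decided in pin.c, which this diff does not show; if it is heap-allocated, each call leaves a copy of the PIN in memory until the process exits. I would hold it in a local, `char *pin = cm_pin_read_cert(entry);`, pass `pin`, and clear and release it after the call. The same inline pattern is in the certsave-o.c, csrgen-o.c, keygen-o.c, keyiread-o.c and submit-so.c hunks, and the body of `cm_certread_o_main` continues outside this hunk.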
--- a/src/certsave-o.c
+++ b/src/certsave-o.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2009 Red Hat, Inc.
+ * Copyright (C) 2009,2010 Red Hat, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -32,6 +32,7 @@
 #include "certsave.h"
 #include "certsave-int.h"
 #include "log.h"
+#include "pin-o.h"
 #include "store.h"
 #include "store-int.h"
 #include "subproc.h"
@@ -51,7 +52,8 @@ cm_certsave_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
 X509 *cert;
 bio = BIO_new_mem_buf(entry->cm_cert, strlen(entry->cm_cert));
 if (bio != NULL) {
- cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
+ cert = PEM_read_bio_X509(bio, NULL, NULL,
+ cm_pin_read_cert(entry));
 if (cert != NULL) {
 pem = fopen(entry->cm_cert_storage_location, "w");
 if (pem != NULL) {
diff --git a/src/csrgen-n.c b/src/csrgen-n.c
index a1a5aa2..2dad9c2 100644
--- a/src/csrgen-n.c
+++ b/src/csrgen-n.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2009 Red Hat, Inc.
+ * Copyright (C) 2009,2010 Red Hat, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -43,6 +43,7 @@
 #include "keygen.h"
 #include "keyiread-n.h"
 #include "log.h"
+#include "pin-n.h"
 #include "store.h"
 #include "store-int.h"
 #include "subproc.h"
diff --git a/src/csrgen-o.c b/src/csrgen-o.c
index 1f6589f..1561423 100644
--- a/src/csrgen-o.c
+++ b/src/csrgen-o.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2009 Red Hat, Inc.
+ * Copyright (C) 2009,2010 Red Hat, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -35,6 +35,7 @@
 #include "csrgen-int.h"
 #include "keygen.h"
 #include "log.h"
+#include "pin-o.h"
 #include "store.h"
 #include "store-int.h"
 #include "subproc.h"
@@ -80,7 +81,7 @@ cm_csrgen_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
 cm_log(1, "Internal error generating CSR.\n");
 _exit(2);
 }
- rsa = PEM_read_RSAPrivateKey(keyfp, NULL, NULL, NULL);
+ rsa = PEM_read_RSAPrivateKey(keyfp, NULL, NULL, cm_pin_read_key(entry));
 if (rsa != NULL) {
 EVP_PKEY_assign_RSA(pkey, rsa); /* pkey owns rsa now */
 x = X509_new();
diff --git a/src/keygen-n.c b/src/keygen-n.c
index eb71245..e97b3b6 100644
--- a/src/keygen-n.c
+++ b/src/keygen-n.c
@@ -36,6 +36,7 @@
 #include "keygen.h"
 #include "keygen-int.h"
 #include "log.h"
+#include "pin-n.h"
 #include "store.h"
 #include "store-int.h"
 #include "subproc.h"
diff --git a/src/keygen-o.c b/src/keygen-o.c
index 50e2367..61b106e 100644
--- a/src/keygen-o.c
+++ b/src/keygen-o.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2009 Red Hat, Inc.
+ * Copyright (C) 2009,2010 Red Hat, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -33,6 +33,7 @@
 #include "keygen.h"
 #include "keygen-int.h"
 #include "log.h"
+#include "pin-o.h"
 #include "store.h"
 #include "store-int.h"
 #include "subproc.h"
@@ -99,7 +100,8 @@ cm_keygen_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
 _exit(2);
 }
 if (PEM_write_PrivateKey(fp, pkey, NULL,
- NULL, 0, NULL, NULL) == 0) {
+ NULL, 0, NULL,
+ cm_pin_read_key(entry)) == 0) {
 cm_log(1, "Error storing key.\n");
 while ((error = ERR_get_error()) != 0) {
 ERR_error_string_n(error, buf, sizeof(buf));
diff --git a/src/keyiread-n.c b/src/keyiread-n.c
index eb5a996..7946e80 100644
--- a/src/keyiread-n.c
+++ b/src/keyiread-n.c
@@ -40,6 +40,7 @@
 #include "keyiread-int.h"
 #include "keyiread-n.h"
 #include "log.h"
+#include "pin-n.h"
 #include "store.h"
 #include "store-int.h"
 #include "subproc.h"
diff --git a/src/keyiread-o.c b/src/keyiread-o.c
index ac716e2..c74f240 100644
--- a/src/keyiread-o.c
+++ b/src/keyiread-o.c
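Review bot: When `cm_pin_read_key(entry)` returns NULL, the added line in the csrgen-o.c hunk behaves exactly like the old `PEM_read_RSAPrivateKey(keyfp, NULL, NULL, NULL)`, and for an encrypted key file OpenSSL then falls back to its default password callback, which tries to prompt on the terminal. The visible `_exit(2)` suggests this runs in a helper process, so whether that prompt blocks or fails would depend on how the helper was started. Passing an explicit `pem_password_cb` that hands over the stored PIN and fails when there is none makes the outcome deterministic; a sketch follows, with the callback name chosen only for illustration. keyiread-o.c and submit-so.c read keys the same way, and the body of `cm_csrgen_o_main` continues outside this hunk.

```c
/* Supplies the stored PIN to OpenSSL; fails instead of prompting when none is set. */
static int
cm_pin_key_cb(char *buf, int size, int rwflag, void *u)
{
	const char *pin = u;
	size_t len;

	(void)rwflag;
	if (pin == NULL || size <= 0) {
		return -1;
	}
	len = strlen(pin);
	if (len > (size_t)size) {
		return -1;
	}
	memcpy(buf, pin, len);
	return (int)len;
}
/* … unchanged: key file open and EVP_PKEY setup … */
	rsa = PEM_read_RSAPrivateKey(keyfp, NULL, cm_pin_key_cb,
				     cm_pin_read_key(entry));
```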
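Review bot: The PIN added as the last argument of `PEM_write_PrivateKey` in the keygen-o.c hunk has no effect, because the third argument (the cipher) is still `NULL` and OpenSSL writes the key unencrypted whenever no cipher is given. An entry with a PIN configured would therefore still get a cleartext key file, and the reads in keyiread-o.c, csrgen-o.c and submit-so.c would succeed without the PIN ever being used. Select a cipher when a PIN is present, for example `pin = cm_pin_read_key(entry);` followed by `PEM_write_PrivateKey(fp, pkey, pin ? EVP_aes_128_cbc() : NULL, NULL, 0, NULL, pin)`. The body of `cm_keygen_o_main` continues outside this hunk, so how `fp` is opened and with what file mode is not visible here and is worth checking alongside.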
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2009 Red Hat, Inc.
+ * Copyright (C) 2009,2010 Red Hat, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -35,6 +35,7 @@
 #include "keyiread.h"
 #include "keyiread-int.h"
 #include "log.h"
+#include "pin-o.h"
 #include "store.h"
 #include "store-int.h"
 #include "subproc.h"
@@ -66,7 +67,8 @@ cm_keyiread_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
 }
 pem = fopen(entry->cm_key_storage_location, "r");
 if (pem != NULL) {
- pkey = PEM_read_PrivateKey(pem, NULL, NULL, NULL);
+ pkey = PEM_read_PrivateKey(pem, NULL, NULL,
+ cm_pin_read_key(entry));
 if (pkey != NULL) {
 status = 0;
 } else {
diff --git a/src/pin.c b/src/pin.c
index 2e91adb..c0b4b08 100644
--- a/src/pin.c
+++ b/src/pin.c
@@ -31,6 +31,8 @@
 #include
 #include "log.h"
+#include "pin-n.h"
+#include "pin-o.h"
 #include "store-int.h"
 enum cm_pin_type {
diff --git a/src/pin.h b/src/pin.h
deleted file mode 100644
index b8c9fc8..0000000
--- a/src/pin.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Copyright (C) 2010 Red Hat, Inc.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see .
- */
-
-#ifndef cmpin_h
-#define cmpin_h
-
-struct cm_store_entry;
-char *cm_pin_read_key(struct cm_store_entry *entry);
-char *cm_pin_read_cert(struct cm_store_entry *entry);
-char *cm_pin_cb_key(PK11SlotInfo *slot, PRBool retry, void *arg);
-char *cm_pin_cb_cert(PK11SlotInfo *slot, PRBool retry, void *arg);
-
-#endif
diff --git a/src/submit-so.c b/src/submit-so.c
index 1ce1ec6..4ea3637 100644
--- a/src/submit-so.c
+++ b/src/submit-so.c
@@ -32,6 +32,7 @@
 #include
 #include "log.h"
+#include "pin-o.h"
 #include "store.h"
 #include "store-int.h"
 #include "submit.h"
@@ -84,7 +85,8 @@ cm_submit_so_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
 if (keyfp != NULL) {
 pkey = EVP_PKEY_new();
 if (pkey != NULL) {
- rsa = PEM_read_RSAPrivateKey(keyfp, NULL, NULL, NULL);
+ rsa = PEM_read_RSAPrivateKey(keyfp, NULL, NULL,
+ cm_pin_read_key(entry));
 if (rsa != NULL) {
 EVP_PKEY_assign_RSA(pkey, rsa); /* pkey owns rsa now */
 bio = BIO_new_mem_buf(entry->cm_csr,