capbac 0.3.0 → 0.4.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/Cargo.toml +3 -3
  3. data/lib/capbac/version.rb +1 -1
  4. data/lib/capbac_ruby.so +0 -0
  5. data/src/lib.rs +241 -259
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9aea3202cf722c59f88ff0cc3ac473c5d70d05727bf2887a9665ff554552fa02
4
- data.tar.gz: e0a1ea74ed0b853ccb8e3619015bd599f4f20ea30f8c9eb4caadf331dbfc979f
3
+ metadata.gz: 81c1db17c50ca3dce7a76f825fb981bcd347b3c0b0d194718e3d74ada60a8cd9
4
+ data.tar.gz: c193c44fb1693f57fa4b4e6e00bb7935b28c86ba53578b5e8d55b62b2d625388
5
5
  SHA512:
6
- metadata.gz: 1ea6fb01de7bd48e299b32602b2ee276bbed2581c2e75fb724deba69f776386edb05b61e6492867152d97bb02989b894145dee0a8bf6d94bdd301d60ee181f55
7
- data.tar.gz: f1a7f43fbfb3df31dc1272edd15f74b27c3b29fcf83c4b765290f976a5eec5e07f3c1cdfb63772f1e6fe4813f1df3eea0fb224b6bda2ae80697f60e22732b4c2
6
+ metadata.gz: e4f381fc3571fe2ae1a3f8f7fc1a710a0425909cb5c5fb292392a7380361b8c23e95f0145a80291717175cc55548669a345b394c1866b0079669c4870105a274
7
+ data.tar.gz: dfab7513a193b11f048843bd43edc19f12f497073a39841995f5adca6abb83fafe2ecd9766a5e25c4f7d887388fd791f42c5504e6f78517b861a69dbea389d1c
data/Cargo.toml CHANGED
@@ -1,6 +1,6 @@
1
1
  [package]
2
2
  name = "capbac-ruby"
3
- version = "0.2.0"
3
+ version = "0.3.0"
4
4
  authors = ["Kirill Chernyshov <delaguardo@gmail.com>"]
5
5
  edition = "2018"
6
6
 
@@ -8,10 +8,10 @@ edition = "2018"
8
8
  crate-type = ["cdylib"]
9
9
 
10
10
  [dependencies]
11
- rutie = "0.6.1"
11
+ rutie = "0.8.0"
12
12
  url = "2.1"
13
13
  openssl = "0.10"
14
14
  ring = "0.16.15"
15
15
  lazy_static = "1"
16
16
  protobuf = "2.16.2"
17
- capbac = "0.2.1"
17
+ capbac = "0.3.0"
data/lib/capbac/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module CapBAC
2
- VERSION = '0.3.0'.freeze
2
+ VERSION = '0.4.4'.freeze
3
3
  end
data/lib/capbac_ruby.so CHANGED
Binary file
data/src/lib.rs CHANGED
@@ -1,25 +1,68 @@
1
- #[macro_use] extern crate rutie;
2
- #[macro_use] extern crate lazy_static;
1
+ #[macro_use]
2
+ extern crate rutie;
3
+ #[macro_use]
4
+ extern crate lazy_static;
3
5
 
4
- use rutie::{Module, Class, RString, Object, AnyObject, Array,
5
- Fixnum, Hash, Symbol, VM, Boolean, GC, VerifiedObject};
6
6
  use capbac::{CertificateBlueprint, InvokeBlueprint};
7
- use url::Url;
8
- use openssl::pkey::{PKey, Public};
9
- use openssl::ec::EcKey;
10
- use protobuf::{Message};
11
- use std::fmt;
12
-
13
- use ring::{
14
- rand,
15
- signature::{self, KeyPair, EcdsaKeyPair},
7
+ use openssl::{
8
+ ec::{EcKey},
9
+ pkey::{PKey, Public},
10
+ };
11
+ use protobuf::Message;
12
+ use rutie::{
13
+ AnyObject, Boolean, Class, Encoding, Fixnum, Hash, Module, Object, RString, Symbol,
14
+ VerifiedObject, GC, VM, Array,
16
15
  };
16
+ use std::{fmt, str};
17
+ use url::Url;
18
+
19
+ class!(ASCIIRString);
20
+
21
+ impl VerifiedObject for ASCIIRString {
22
+ fn is_correct_type<T: Object>(object: &T) -> bool {
23
+ object
24
+ .class()
25
+ .ancestors()
26
+ .iter()
27
+ .any(|class| *class == Class::from_existing("String"))
28
+ }
29
+
30
+ fn error_message() -> &'static str {
31
+ "Error converting to ASCII String"
32
+ }
33
+ }
34
+
35
+ impl From<ASCIIRString> for Vec<u8> {
36
+ fn from(rstring: ASCIIRString) -> Self {
37
+ let bytes = rstring
38
+ .protect_send("bytes", &[])
39
+ .map_err(VM::raise_ex)
40
+ .unwrap()
41
+ .try_convert_to::<Array>()
42
+ .map_err(VM::raise_ex)
43
+ .unwrap();
44
+
45
+ let mut res = Vec::new();
46
+
47
+ for n in bytes.into_iter() {
48
+ let n = n.try_convert_to::<Fixnum>()
49
+ .map_err(|e| VM::raise_ex(e))
50
+ .unwrap();
51
+
52
+ res.push(n.to_i64() as u8);
53
+ }
54
+ res
55
+ }
56
+ }
17
57
 
18
58
  class!(URI);
19
59
 
20
60
  impl VerifiedObject for URI {
21
61
  fn is_correct_type<T: Object>(object: &T) -> bool {
22
- object.class().ancestors().iter()
62
+ object
63
+ .class()
64
+ .ancestors()
65
+ .iter()
23
66
  .any(|class| *class == Class::from_existing("URI"))
24
67
  }
25
68
 
@@ -30,108 +73,98 @@ impl VerifiedObject for URI {
30
73
 
31
74
  impl fmt::Display for URI {
32
75
  fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
33
- let s = self.send("to_s", &vec![]).try_convert_to::<RString>().unwrap().to_string();
76
+ let s = self
77
+ .protect_send("to_s", &[])
78
+ .map_err(VM::raise_ex)
79
+ .unwrap()
80
+ .try_convert_to::<RString>()
81
+ .map_err(VM::raise_ex)
82
+ .unwrap()
83
+ .to_string();
34
84
  write!(f, "{}", s)
35
85
  }
36
86
  }
37
87
 
38
88
  impl From<&Url> for URI {
39
89
  fn from(url: &Url) -> Self {
40
- Class::from_existing("URI").send("parse", &vec![RString::new_utf8(&url.clone().to_string()).to_any_object()]).try_convert_to::<URI>().unwrap()
90
+ let args = [RString::new_utf8(&url.clone().to_string()).to_any_object()];
91
+ Class::from_existing("URI")
92
+ .protect_send("parse", &args)
93
+ .map_err(VM::raise_ex)
94
+ .unwrap()
95
+ .try_convert_to::<URI>()
96
+ .map_err(VM::raise_ex)
97
+ .unwrap()
41
98
  }
42
99
  }
43
100
 
44
101
  impl From<URI> for Url {
45
102
  fn from(uri: URI) -> Self {
46
- Url::parse(&uri.to_string()).unwrap()
103
+ Url::parse(&uri.to_string())
104
+ .map_err(|_e| {
105
+ VM::raise(
106
+ Class::from_existing("URI").get_nested_class("InvalidURIError"),
107
+ &format!("bad URI(is not URI?): {}", uri.to_string()),
108
+ )
109
+ })
110
+ .unwrap()
47
111
  }
48
112
  }
49
113
 
114
+ // TODO CertificateBlueprint -> Result<CertificateBlueprint, Error>
50
115
  fn options_to_cert_blueprint(options: Hash) -> CertificateBlueprint {
51
116
  let subject = options
52
117
  .at(&Symbol::new("subject"))
53
- .try_convert_to::<URI>();
118
+ .try_convert_to::<URI>()
119
+ .map_err(VM::raise_ex)
120
+ .unwrap();
54
121
 
55
- if let Err(ref _error) = subject {
56
- VM::raise(Class::from_existing("ArgumentError"), "Subject must be an instance of URI");
57
- }
58
-
59
- let subject = Url::from(subject.unwrap());
122
+ let subject = Url::from(subject);
60
123
 
61
124
  let capability = options
62
125
  .at(&Symbol::new("capability"))
63
- .try_convert_to::<RString>();
64
-
65
- if let Err(ref _error) = capability {
66
- VM::raise(Class::from_existing("ArgumentError"), "Capability must be a string");
67
- }
68
-
69
- let capability = capability
70
- .unwrap().to_string()
126
+ .try_convert_to::<RString>()
127
+ .map_err(VM::raise_ex)
128
+ .unwrap()
129
+ .to_string()
71
130
  .into_bytes();
72
131
 
73
132
  let exp = match options.at(&Symbol::new("exp")).try_convert_to::<Fixnum>() {
74
133
  Ok(x) => Some(x.to_i64() as u64),
75
- _ => None
134
+ _ => None,
76
135
  };
77
136
 
78
137
  CertificateBlueprint {
79
138
  subject,
80
139
  capability,
81
- exp
82
- }
83
- }
84
-
85
- fn array_to_cert(array: Array) -> capbac::proto::Certificate {
86
- let mut cert_content: Vec<u8> = Vec::new();
87
- for n in array.into_iter() {
88
- let n = n.try_convert_to::<Fixnum>();
89
-
90
- if let Err(ref error) = n {
91
- VM::raise(error.class(), &error.to_string());
92
- }
93
-
94
- cert_content.push(n.unwrap().to_i64() as u8);
140
+ exp,
95
141
  }
96
- let mut cert = capbac::proto::Certificate::new();
97
- cert.merge_from_bytes(&cert_content).unwrap();
98
- cert
99
142
  }
100
143
 
101
144
  fn options_to_invoke_blueprint(options: Hash) -> InvokeBlueprint {
102
-
103
145
  let cert_content = options
104
146
  .at(&Symbol::new("cert"))
105
- .try_convert_to::<Array>();
147
+ .try_convert_to::<ASCIIRString>()
148
+ .map_err(VM::raise_ex)
149
+ .unwrap();
106
150
 
107
- if let Err(ref _error) = cert_content {
108
- VM::raise(Class::from_existing("ArgumentError"), "Certificate must be an array");
109
- }
110
-
111
- let cert = array_to_cert(cert_content.unwrap());
151
+ let mut cert = capbac::proto::Certificate::new();
152
+ cert.merge_from_bytes(&Vec::from(cert_content)).unwrap();
112
153
 
113
154
  let action = options
114
155
  .at(&Symbol::new("action"))
115
- .try_convert_to::<RString>();
116
-
117
- if let Err(ref _error) = action {
118
- VM::raise(Class::from_existing("ArgumentError"), "Action must be a string");
119
- }
120
-
121
- let action = action
122
- .unwrap().to_string()
156
+ .try_convert_to::<RString>()
157
+ .map_err(VM::raise_ex)
158
+ .unwrap()
159
+ .to_string()
123
160
  .into_bytes();
124
161
 
125
162
  let exp = match options.at(&Symbol::new("exp")).try_convert_to::<Fixnum>() {
126
163
  Ok(x) => Some(x.to_i64() as u64),
127
- _ => None
164
+ _ => None,
128
165
  };
129
166
 
130
- InvokeBlueprint {
131
- cert,
132
- action,
133
- exp
134
- }
167
+ InvokeBlueprint { cert, action, exp }
135
168
  }
136
169
 
137
170
  wrappable_struct!(capbac::Holder, HolderWrapper, HOLDER_WRAPPER);
@@ -142,87 +175,74 @@ methods!(
142
175
  Holder,
143
176
  itself,
144
177
 
145
- fn ruby_holder_new(me: URI, sk: Array) -> AnyObject {
146
- if let Err(ref error) = me {
147
- VM::raise(error.class(), &error.to_string());
148
- }
149
-
150
- if let Err(ref error) = sk {
151
- VM::raise(error.class(), &error.to_string());
152
- }
153
-
154
- let me = Url::parse(&me.unwrap().to_string());
155
-
156
- if let Err(ref error) = me {
157
- VM::raise(Class::from_existing("ArgumentError"), &error.to_string())
158
- }
159
-
160
- let mut sk_content: Vec<u8> = Vec::new();
161
- for n in sk.unwrap().into_iter() {
162
- let n = n.try_convert_to::<Fixnum>();
163
-
164
- if let Err(ref error) = n {
165
- VM::raise(error.class(), &error.to_string());
166
- }
167
-
168
- sk_content.push(n.unwrap().to_i64() as u8);
169
- }
170
-
171
- let holder = capbac::Holder::new(me.unwrap(), PKey::private_key_from_pkcs8(&sk_content).unwrap().ec_key().unwrap());
178
+ fn ruby_holder_new(me: URI, sk: RString) -> AnyObject {
179
+ let ruby_me = me.map_err(VM::raise_ex).unwrap().to_string();
180
+
181
+ let ruby_sk = sk
182
+ .map_err(VM::raise_ex)
183
+ .unwrap()
184
+ .to_string_unchecked();
185
+
186
+ let me = Url::parse(&ruby_me)
187
+ .map_err(|e| VM::raise(Class::from_existing("ArgumentError"), &e.to_string()))
188
+ .unwrap();
189
+ let sk = PKey::private_key_from_pem(&ruby_sk.as_bytes())
190
+ .map_err(|e| {
191
+ VM::raise(
192
+ Class::from_existing("ArgumentError"),
193
+ &format!("Wrong secret key formar (not pkcs8?) ({})", e.to_string()),
194
+ )
195
+ })
196
+ .unwrap()
197
+ .ec_key()
198
+ .map_err(|e| {
199
+ VM::raise(
200
+ Class::from_existing("ArgumentError"),
201
+ &format!("Can't extract EC key ({})", e.to_string()),
202
+ )
203
+ })
204
+ .unwrap();
205
+
206
+ let holder = capbac::Holder::new(me, sk);
172
207
 
173
208
  Class::from_existing("CapBAC")
174
209
  .get_nested_class("Holder")
175
210
  .wrap_data(holder, &*HOLDER_WRAPPER)
176
211
  }
177
212
 
178
- fn ruby_holder_forge(options: Hash) -> Array {
179
- if let Err(ref _error) = options {
180
- VM::raise(Class::from_existing("ArgumentError"), "Options must be a hash");
181
- }
182
-
183
- let options = options_to_cert_blueprint(options.unwrap());
184
-
213
+ fn ruby_holder_forge(options: Hash) -> RString {
214
+ let ruby_options = options.map_err(VM::raise_ex).unwrap();
215
+ let options = options_to_cert_blueprint(ruby_options);
185
216
  let holder = itself.get_data(&*HOLDER_WRAPPER);
217
+
186
218
  let cert = holder.forge(options).unwrap();
187
219
 
188
- let mut res = Array::new();
189
- for item in cert.write_to_bytes().unwrap().iter() {
190
- res.push(Fixnum::new(i64::from(*item)));
191
- };
192
- res
220
+ RString::from_bytes(&cert.write_to_bytes().unwrap(), &Encoding::us_ascii())
193
221
  }
194
222
 
195
- fn ruby_holder_delegate(cert: Array, options: Hash) -> Array {
196
- if let Err(ref _error) = options {
197
- VM::raise(Class::from_existing("ArgumentError"), "Options must be a hash");
198
- }
199
-
200
- let options = options_to_cert_blueprint(options.unwrap());
223
+ fn ruby_holder_delegate(cert: ASCIIRString, options: Hash) -> RString {
224
+ let ruby_options = options.map_err(VM::raise_ex).unwrap();
225
+ let options = options_to_cert_blueprint(ruby_options);
201
226
  let holder = itself.get_data(&*HOLDER_WRAPPER);
202
- let cert = array_to_cert(cert.unwrap());
227
+
228
+ let cert_content = Vec::from(cert.map_err(VM::raise_ex).unwrap());
229
+
230
+ let mut cert = capbac::proto::Certificate::new();
231
+ cert.merge_from_bytes(&cert_content).unwrap();
203
232
 
204
233
  let cert = holder.delegate(cert, options).unwrap();
205
- let mut res = Array::new();
206
- for item in cert.write_to_bytes().unwrap().iter() {
207
- res.push(Fixnum::new(i64::from(*item)));
208
- };
209
- res
210
- }
211
234
 
212
- fn ruby_holder_invoke(options: Hash) -> Array {
213
- if let Err(ref _error) = options {
214
- VM::raise(Class::from_existing("ArgumentError"), "Options must be a hash");
215
- }
235
+ RString::from_bytes(&cert.write_to_bytes().unwrap(), &Encoding::us_ascii())
236
+ }
216
237
 
217
- let options = options_to_invoke_blueprint(options.unwrap());
238
+ fn ruby_holder_invoke(options: Hash) -> RString {
239
+ let ruby_options = options.map_err(VM::raise_ex).unwrap();
240
+ let options = options_to_invoke_blueprint(ruby_options);
218
241
  let holder = itself.get_data(&*HOLDER_WRAPPER);
219
242
 
220
243
  let invocation = holder.invoke(options).unwrap();
221
- let mut res = Array::new();
222
- for item in invocation.write_to_bytes().unwrap().iter() {
223
- res.push(Fixnum::new(i64::from(*item)));
224
- };
225
- res
244
+
245
+ RString::from_bytes(&invocation.write_to_bytes().unwrap(), &Encoding::us_ascii())
226
246
  }
227
247
  );
228
248
 
@@ -235,7 +255,7 @@ impl IntValidator {
235
255
  fn new(trust_checker: AnyObject, pubs: AnyObject) -> Self {
236
256
  IntValidator {
237
257
  trust_checker,
238
- pubs
258
+ pubs,
239
259
  }
240
260
  }
241
261
  }
@@ -244,30 +264,36 @@ impl capbac::TrustChecker for IntValidator {
244
264
  fn is_trusted(&self, id: &Url) -> bool {
245
265
  let args = vec![URI::from(id).to_any_object()];
246
266
  self.trust_checker
247
- .send("trusted?", &args)
267
+ .protect_send("trusted?", &args)
268
+ .map_err(VM::raise_ex)
269
+ .unwrap()
248
270
  .try_convert_to::<Boolean>()
249
- .unwrap_or(Boolean::new(false))
271
+ .unwrap_or_else(|_| Boolean::new(false))
250
272
  .to_bool()
251
273
  }
252
274
  }
253
275
 
254
276
  impl capbac::Pubs for IntValidator {
255
277
  fn get(&self, id: &Url) -> Option<EcKey<Public>> {
256
- let res = self.pubs.send("get", &vec![URI::from(id).to_any_object()]).try_convert_to::<Array>();
257
- if let Err(ref _error) = res {
258
- return None
259
- }
260
- let mut pk_content: Vec<u8> = Vec::new();
261
- for n in res.unwrap().into_iter() {
262
- let n = n.try_convert_to::<Fixnum>();
263
-
264
- if let Err(ref error) = n {
265
- VM::raise(error.class(), &error.to_string());
278
+ let args = [URI::from(id).to_any_object()];
279
+ let res = self
280
+ .pubs
281
+ .protect_send("get", &args)
282
+ .map_err(VM::raise_ex)
283
+ .unwrap()
284
+ .try_convert_to::<RString>();
285
+
286
+ match res {
287
+ Ok(pk) => {
288
+ Some(
289
+ PKey::public_key_from_pem(&pk.to_string_unchecked().as_bytes())
290
+ .unwrap()
291
+ .ec_key()
292
+ .unwrap(),
293
+ )
266
294
  }
267
-
268
- pk_content.push(n.unwrap().to_i64() as u8);
295
+ Err(_) => None
269
296
  }
270
- Some(PKey::public_key_from_der(&pk_content).unwrap().ec_key().unwrap())
271
297
  }
272
298
  }
273
299
 
@@ -290,56 +316,48 @@ methods!(
290
316
  .wrap_data(validator, &*INT_VALIDATOR_WRAPPER)
291
317
  }
292
318
 
293
- fn ruby_validator_validate_cert(cert: Array, now: Fixnum) -> Boolean {
294
- if let Err(ref error) = cert {
295
- VM::raise(error.class(), &error.to_string());
296
- }
297
-
298
- if let Err(ref error) = now {
299
- VM::raise(error.class(), &error.to_string());
300
- }
301
-
302
- let mut cert_content: Vec<u8> = Vec::new();
303
- for n in cert.unwrap().into_iter() {
304
- let n = n.try_convert_to::<Fixnum>();
319
+ fn ruby_validator_validate_cert(cert: RString, now: Fixnum) -> Boolean {
320
+ let ruby_cert = cert
321
+ .map_err(VM::raise_ex)
322
+ .unwrap()
323
+ .to_string_unchecked();
305
324
 
306
- if let Err(ref error) = n {
307
- VM::raise(error.class(), &error.to_string());
308
- }
309
-
310
- cert_content.push(n.unwrap().to_i64() as u8);
311
- }
312
325
  let mut cert = capbac::proto::Certificate::new();
313
- cert.merge_from_bytes(&cert_content).unwrap();
326
+ cert.merge_from_bytes(&ruby_cert.as_bytes()).unwrap();
314
327
 
315
- let now = now.unwrap().to_i64() as u64;
328
+ let now = now.map_err(VM::raise_ex).unwrap().to_i64() as u64;
316
329
 
317
330
  let x = itself.get_data(&*INT_VALIDATOR_WRAPPER);
318
331
  let validator = capbac::Validator::new(x, x);
319
332
 
320
333
  match validator.validate_cert(&cert, now) {
321
334
  Result::Ok(_) => Boolean::new(true),
322
- Err(x) => {
335
+ Err(x) => {
323
336
  let capbac_class = Class::from_existing("CapBAC");
324
337
  match x {
325
- capbac::ValidateError::Malformed { .. } => {
326
- VM::raise(capbac_class.get_nested_class("Malformed"), &format!("{}", x))
327
- },
338
+ capbac::ValidateError::Malformed { .. } => VM::raise(
339
+ capbac_class.get_nested_class("Malformed"),
340
+ &format!("{}", x),
341
+ ),
328
342
  capbac::ValidateError::BadURL { .. } => {
329
343
  VM::raise(capbac_class.get_nested_class("BadURL"), &format!("{}", x))
330
- },
331
- capbac::ValidateError::UnknownPub { .. } => {
332
- VM::raise(capbac_class.get_nested_class("UnknownPub"), &format!("{}", x))
333
- },
334
- capbac::ValidateError::BadIssuer { .. } => {
335
- VM::raise(capbac_class.get_nested_class("BadIssuer"), &format!("{}", x))
336
- },
337
- capbac::ValidateError::BadInvoker { .. } => {
338
- VM::raise(capbac_class.get_nested_class("BadInvoker"), &format!("{}", x))
339
- },
340
- capbac::ValidateError::Untrusted { .. } => {
341
- VM::raise(capbac_class.get_nested_class("Untrusted"), &format!("{}", x))
342
- },
344
+ }
345
+ capbac::ValidateError::UnknownPub { .. } => VM::raise(
346
+ capbac_class.get_nested_class("UnknownPub"),
347
+ &format!("{}", x),
348
+ ),
349
+ capbac::ValidateError::BadIssuer { .. } => VM::raise(
350
+ capbac_class.get_nested_class("BadIssuer"),
351
+ &format!("{}", x),
352
+ ),
353
+ capbac::ValidateError::BadInvoker { .. } => VM::raise(
354
+ capbac_class.get_nested_class("BadInvoker"),
355
+ &format!("{}", x),
356
+ ),
357
+ capbac::ValidateError::Untrusted { .. } => VM::raise(
358
+ capbac_class.get_nested_class("Untrusted"),
359
+ &format!("{}", x),
360
+ ),
343
361
  capbac::ValidateError::Expired => {
344
362
  VM::raise(capbac_class.get_nested_class("Expired"), &format!("{}", x))
345
363
  }
@@ -352,56 +370,50 @@ methods!(
352
370
  }
353
371
  }
354
372
 
355
- fn ruby_validator_validate_invocation(invocation: Array, now: Fixnum) -> Boolean {
356
- if let Err(ref error) = invocation {
357
- VM::raise(error.class(), &error.to_string());
358
- }
373
+ fn ruby_validator_validate_invocation(invocation: RString, now: Fixnum) -> Boolean {
374
+ let ruby_invocation = invocation
375
+ .map_err(VM::raise_ex)
376
+ .unwrap()
377
+ .to_string_unchecked();
359
378
 
360
- if let Err(ref error) = now {
361
- VM::raise(error.class(), &error.to_string());
362
- }
363
-
364
- let mut invocation_content: Vec<u8> = Vec::new();
365
- for n in invocation.unwrap().into_iter() {
366
- let n = n.try_convert_to::<Fixnum>();
367
-
368
- if let Err(ref error) = n {
369
- VM::raise(error.class(), &error.to_string());
370
- }
371
-
372
- invocation_content.push(n.unwrap().to_i64() as u8);
373
- }
374
379
  let mut invocation = capbac::proto::Invocation::new();
375
- invocation.merge_from_bytes(&invocation_content).unwrap();
380
+ invocation
381
+ .merge_from_bytes(&ruby_invocation.as_bytes())
382
+ .unwrap();
376
383
 
377
- let now = now.unwrap().to_i64() as u64;
384
+ let now = now.map_err(VM::raise_ex).unwrap().to_i64() as u64;
378
385
 
379
386
  let x = itself.get_data(&*INT_VALIDATOR_WRAPPER);
380
387
  let validator = capbac::Validator::new(x, x);
381
388
 
382
389
  match validator.validate_invocation(&invocation, now) {
383
390
  Result::Ok(_) => Boolean::new(true),
384
- Err(x) => {
391
+ Err(x) => {
385
392
  let capbac_class = Class::from_existing("CapBAC");
386
393
  match x {
387
- capbac::ValidateError::Malformed { .. } => {
388
- VM::raise(capbac_class.get_nested_class("Malformed"), &format!("{}", x))
389
- },
394
+ capbac::ValidateError::Malformed { .. } => VM::raise(
395
+ capbac_class.get_nested_class("Malformed"),
396
+ &format!("{}", x),
397
+ ),
390
398
  capbac::ValidateError::BadURL { .. } => {
391
399
  VM::raise(capbac_class.get_nested_class("BadURL"), &format!("{}", x))
392
- },
393
- capbac::ValidateError::UnknownPub { .. } => {
394
- VM::raise(capbac_class.get_nested_class("UnknownPub"), &format!("{}", x))
395
- },
396
- capbac::ValidateError::BadIssuer { .. } => {
397
- VM::raise(capbac_class.get_nested_class("BadIssuer"), &format!("{}", x))
398
- },
399
- capbac::ValidateError::BadInvoker { .. } => {
400
- VM::raise(capbac_class.get_nested_class("BadInvoker"), &format!("{}", x))
401
- },
402
- capbac::ValidateError::Untrusted { .. } => {
403
- VM::raise(capbac_class.get_nested_class("Untrusted"), &format!("{}", x))
404
- },
400
+ }
401
+ capbac::ValidateError::UnknownPub { .. } => VM::raise(
402
+ capbac_class.get_nested_class("UnknownPub"),
403
+ &format!("{}", x),
404
+ ),
405
+ capbac::ValidateError::BadIssuer { .. } => VM::raise(
406
+ capbac_class.get_nested_class("BadIssuer"),
407
+ &format!("{}", x),
408
+ ),
409
+ capbac::ValidateError::BadInvoker { .. } => VM::raise(
410
+ capbac_class.get_nested_class("BadInvoker"),
411
+ &format!("{}", x),
412
+ ),
413
+ capbac::ValidateError::Untrusted { .. } => VM::raise(
414
+ capbac_class.get_nested_class("Untrusted"),
415
+ &format!("{}", x),
416
+ ),
405
417
  capbac::ValidateError::Expired => {
406
418
  VM::raise(capbac_class.get_nested_class("Expired"), &format!("{}", x))
407
419
  }
@@ -412,34 +424,6 @@ methods!(
412
424
  Boolean::new(false)
413
425
  }
414
426
  }
415
-
416
- }
417
- );
418
-
419
- class!(KeyGen);
420
-
421
- methods!(
422
- KeyGen,
423
- itself,
424
-
425
- fn ruby_generate_keypair() -> Hash {
426
- let rng = rand::SystemRandom::new();
427
- let key_pair = EcdsaKeyPair::generate_pkcs8(&signature::ECDSA_P256_SHA256_FIXED_SIGNING, &rng).unwrap();
428
- let mut sk = Array::new();
429
- for item in key_pair.as_ref().iter() {
430
- sk.push(Fixnum::new(i64::from(*item)));
431
- };
432
-
433
- let key_pair = EcdsaKeyPair::from_pkcs8(&signature::ECDSA_P256_SHA256_FIXED_SIGNING, &key_pair.as_ref()).unwrap();
434
- let mut pk = Array::new();
435
- for item in key_pair.public_key().as_ref().iter() {
436
- pk.push(Fixnum::new(i64::from(*item)));
437
- };
438
-
439
- let mut res = Hash::new();
440
- res.store(Symbol::new("sk"), sk);
441
- res.store(Symbol::new("pk"), pk);
442
- res
443
427
  }
444
428
  );
445
429
 
@@ -454,14 +438,12 @@ pub extern "C" fn Init_capbac() {
454
438
  itself.def("invoke", ruby_holder_invoke);
455
439
  });
456
440
 
457
- itself.define_nested_class("Validator", None).define(|itself| {
458
- itself.def_self("new", ruby_validator_new);
459
- itself.def("validate_cert", ruby_validator_validate_cert);
460
- itself.def("validate_invocation", ruby_validator_validate_invocation);
461
- });
462
-
463
- itself.define_nested_class("KeyPair", None).define(|itself| {
464
- itself.def("generate!", ruby_generate_keypair);
465
- });
441
+ itself
442
+ .define_nested_class("Validator", None)
443
+ .define(|itself| {
444
+ itself.def_self("new", ruby_validator_new);
445
+ itself.def("validate_cert", ruby_validator_validate_cert);
446
+ itself.def("validate_invocation", ruby_validator_validate_invocation);
447
+ });
466
448
  });
467
449
  }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: capbac
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.0
4
+ version: 0.4.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Kirill Chernyshov
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-07-22 00:00:00.000000000 Z
11
+ date: 2020-08-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: thermite