capbac 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/Cargo.toml +1 -1
  3. data/lib/capbac/version.rb +1 -1
  4. data/lib/capbac_ruby.so +0 -0
  5. data/src/lib.rs +232 -243
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9aea3202cf722c59f88ff0cc3ac473c5d70d05727bf2887a9665ff554552fa02
4
- data.tar.gz: e0a1ea74ed0b853ccb8e3619015bd599f4f20ea30f8c9eb4caadf331dbfc979f
3
+ metadata.gz: 44848813257e696a0d0aa3ee32740481dced5a2400821e69a4fe31b130e60476
4
+ data.tar.gz: 9e7bc540cba3a4a0be51ed7d91f06455f493dbae694b5a003716d75143196bb5
5
5
  SHA512:
6
- metadata.gz: 1ea6fb01de7bd48e299b32602b2ee276bbed2581c2e75fb724deba69f776386edb05b61e6492867152d97bb02989b894145dee0a8bf6d94bdd301d60ee181f55
7
- data.tar.gz: f1a7f43fbfb3df31dc1272edd15f74b27c3b29fcf83c4b765290f976a5eec5e07f3c1cdfb63772f1e6fe4813f1df3eea0fb224b6bda2ae80697f60e22732b4c2
6
+ metadata.gz: 3a05e44960b0368b3fa77def316ead43fd2aef59586ae5900e738b0b1f4f5329fba514270a52cd565301a60ec6c3e1d99cfe596bb52eaa667cd13da6c28999b2
7
+ data.tar.gz: 1a30dc257457acd1bb747ab6a4d9452c65d3833aa05459c48a7c61adc73957519516c68e6c21b00683d3ce7f7562cd908ac6542164e9358fa79371babfd7302d
data/Cargo.toml CHANGED
@@ -8,7 +8,7 @@ edition = "2018"
8
8
  crate-type = ["cdylib"]
9
9
 
10
10
  [dependencies]
11
- rutie = "0.6.1"
11
+ rutie = "0.8.0"
12
12
  url = "2.1"
13
13
  openssl = "0.10"
14
14
  ring = "0.16.15"
data/lib/capbac/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module CapBAC
2
- VERSION = '0.3.0'.freeze
2
+ VERSION = '0.4.0'.freeze
3
3
  end
data/lib/capbac_ruby.so CHANGED
Binary file
data/src/lib.rs CHANGED
@@ -1,25 +1,33 @@
1
- #[macro_use] extern crate rutie;
2
- #[macro_use] extern crate lazy_static;
1
+ #[macro_use]
2
+ extern crate rutie;
3
+ #[macro_use]
4
+ extern crate lazy_static;
3
5
 
4
- use rutie::{Module, Class, RString, Object, AnyObject, Array,
5
- Fixnum, Hash, Symbol, VM, Boolean, GC, VerifiedObject};
6
6
  use capbac::{CertificateBlueprint, InvokeBlueprint};
7
- use url::Url;
8
- use openssl::pkey::{PKey, Public};
9
- use openssl::ec::EcKey;
10
- use protobuf::{Message};
11
- use std::fmt;
12
-
7
+ use openssl::{
8
+ ec::EcKey,
9
+ pkey::{PKey, Public},
10
+ };
11
+ use protobuf::Message;
13
12
  use ring::{
14
13
  rand,
15
- signature::{self, KeyPair, EcdsaKeyPair},
14
+ signature::{self, EcdsaKeyPair, KeyPair},
16
15
  };
16
+ use rutie::{
17
+ AnyObject, Boolean, Class, Encoding, Fixnum, Hash, Module, Object, RString, Symbol,
18
+ VerifiedObject, GC, VM,
19
+ };
20
+ use std::{fmt, str};
21
+ use url::Url;
17
22
 
18
23
  class!(URI);
19
24
 
20
25
  impl VerifiedObject for URI {
21
26
  fn is_correct_type<T: Object>(object: &T) -> bool {
22
- object.class().ancestors().iter()
27
+ object
28
+ .class()
29
+ .ancestors()
30
+ .iter()
23
31
  .any(|class| *class == Class::from_existing("URI"))
24
32
  }
25
33
 
@@ -30,108 +38,100 @@ impl VerifiedObject for URI {
30
38
 
31
39
  impl fmt::Display for URI {
32
40
  fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
33
- let s = self.send("to_s", &vec![]).try_convert_to::<RString>().unwrap().to_string();
41
+ let s = self
42
+ .protect_send("to_s", &[])
43
+ .map_err(VM::raise_ex)
44
+ .unwrap()
45
+ .try_convert_to::<RString>()
46
+ .map_err(VM::raise_ex)
47
+ .unwrap()
48
+ .to_string();
34
49
  write!(f, "{}", s)
35
50
  }
36
51
  }
37
52
 
38
53
  impl From<&Url> for URI {
39
54
  fn from(url: &Url) -> Self {
40
- Class::from_existing("URI").send("parse", &vec![RString::new_utf8(&url.clone().to_string()).to_any_object()]).try_convert_to::<URI>().unwrap()
55
+ let args = [RString::new_utf8(&url.clone().to_string()).to_any_object()];
56
+ Class::from_existing("URI")
57
+ .protect_send("parse", &args)
58
+ .map_err(VM::raise_ex)
59
+ .unwrap()
60
+ .try_convert_to::<URI>()
61
+ .map_err(VM::raise_ex)
62
+ .unwrap()
41
63
  }
42
64
  }
43
65
 
44
66
  impl From<URI> for Url {
45
67
  fn from(uri: URI) -> Self {
46
- Url::parse(&uri.to_string()).unwrap()
68
+ Url::parse(&uri.to_string())
69
+ .map_err(|_e| {
70
+ VM::raise(
71
+ Class::from_existing("URI").get_nested_class("InvalidURIError"),
72
+ &format!("bad URI(is not URI?): {}", uri.to_string()),
73
+ )
74
+ })
75
+ .unwrap()
47
76
  }
48
77
  }
49
78
 
79
+ // TODO CertificateBlueprint -> Result<CertificateBlueprint, Error>
50
80
  fn options_to_cert_blueprint(options: Hash) -> CertificateBlueprint {
51
81
  let subject = options
52
82
  .at(&Symbol::new("subject"))
53
- .try_convert_to::<URI>();
83
+ .try_convert_to::<URI>()
84
+ .map_err(VM::raise_ex)
85
+ .unwrap();
54
86
 
55
- if let Err(ref _error) = subject {
56
- VM::raise(Class::from_existing("ArgumentError"), "Subject must be an instance of URI");
57
- }
58
-
59
- let subject = Url::from(subject.unwrap());
87
+ let subject = Url::from(subject);
60
88
 
61
89
  let capability = options
62
90
  .at(&Symbol::new("capability"))
63
- .try_convert_to::<RString>();
64
-
65
- if let Err(ref _error) = capability {
66
- VM::raise(Class::from_existing("ArgumentError"), "Capability must be a string");
67
- }
68
-
69
- let capability = capability
70
- .unwrap().to_string()
91
+ .try_convert_to::<RString>()
92
+ .map_err(VM::raise_ex)
93
+ .unwrap()
94
+ .to_string()
71
95
  .into_bytes();
72
96
 
73
97
  let exp = match options.at(&Symbol::new("exp")).try_convert_to::<Fixnum>() {
74
98
  Ok(x) => Some(x.to_i64() as u64),
75
- _ => None
99
+ _ => None,
76
100
  };
77
101
 
78
102
  CertificateBlueprint {
79
103
  subject,
80
104
  capability,
81
- exp
105
+ exp,
82
106
  }
83
107
  }
84
108
 
85
- fn array_to_cert(array: Array) -> capbac::proto::Certificate {
86
- let mut cert_content: Vec<u8> = Vec::new();
87
- for n in array.into_iter() {
88
- let n = n.try_convert_to::<Fixnum>();
89
-
90
- if let Err(ref error) = n {
91
- VM::raise(error.class(), &error.to_string());
92
- }
93
-
94
- cert_content.push(n.unwrap().to_i64() as u8);
95
- }
96
- let mut cert = capbac::proto::Certificate::new();
97
- cert.merge_from_bytes(&cert_content).unwrap();
98
- cert
99
- }
100
-
101
109
  fn options_to_invoke_blueprint(options: Hash) -> InvokeBlueprint {
102
-
103
110
  let cert_content = options
104
111
  .at(&Symbol::new("cert"))
105
- .try_convert_to::<Array>();
106
-
107
- if let Err(ref _error) = cert_content {
108
- VM::raise(Class::from_existing("ArgumentError"), "Certificate must be an array");
109
- }
112
+ .try_convert_to::<RString>()
113
+ .map_err(VM::raise_ex)
114
+ .unwrap()
115
+ .to_string()
116
+ .into_bytes();
110
117
 
111
- let cert = array_to_cert(cert_content.unwrap());
118
+ let mut cert = capbac::proto::Certificate::new();
119
+ cert.merge_from_bytes(&cert_content).unwrap();
112
120
 
113
121
  let action = options
114
122
  .at(&Symbol::new("action"))
115
- .try_convert_to::<RString>();
116
-
117
- if let Err(ref _error) = action {
118
- VM::raise(Class::from_existing("ArgumentError"), "Action must be a string");
119
- }
120
-
121
- let action = action
122
- .unwrap().to_string()
123
+ .try_convert_to::<RString>()
124
+ .map_err(VM::raise_ex)
125
+ .unwrap()
126
+ .to_string()
123
127
  .into_bytes();
124
128
 
125
129
  let exp = match options.at(&Symbol::new("exp")).try_convert_to::<Fixnum>() {
126
130
  Ok(x) => Some(x.to_i64() as u64),
127
- _ => None
131
+ _ => None,
128
132
  };
129
133
 
130
- InvokeBlueprint {
131
- cert,
132
- action,
133
- exp
134
- }
134
+ InvokeBlueprint { cert, action, exp }
135
135
  }
136
136
 
137
137
  wrappable_struct!(capbac::Holder, HolderWrapper, HOLDER_WRAPPER);
@@ -142,87 +142,74 @@ methods!(
142
142
  Holder,
143
143
  itself,
144
144
 
145
- fn ruby_holder_new(me: URI, sk: Array) -> AnyObject {
146
- if let Err(ref error) = me {
147
- VM::raise(error.class(), &error.to_string());
148
- }
149
-
150
- if let Err(ref error) = sk {
151
- VM::raise(error.class(), &error.to_string());
152
- }
153
-
154
- let me = Url::parse(&me.unwrap().to_string());
155
-
156
- if let Err(ref error) = me {
157
- VM::raise(Class::from_existing("ArgumentError"), &error.to_string())
158
- }
159
-
160
- let mut sk_content: Vec<u8> = Vec::new();
161
- for n in sk.unwrap().into_iter() {
162
- let n = n.try_convert_to::<Fixnum>();
163
-
164
- if let Err(ref error) = n {
165
- VM::raise(error.class(), &error.to_string());
166
- }
167
-
168
- sk_content.push(n.unwrap().to_i64() as u8);
169
- }
170
-
171
- let holder = capbac::Holder::new(me.unwrap(), PKey::private_key_from_pkcs8(&sk_content).unwrap().ec_key().unwrap());
145
+ fn ruby_holder_new(me: URI, sk: RString) -> AnyObject {
146
+ let ruby_me = me.map_err(VM::raise_ex).unwrap().to_string();
147
+
148
+ let ruby_sk = sk
149
+ .map_err(VM::raise_ex)
150
+ .unwrap()
151
+ .to_string_unchecked();
152
+
153
+ let me = Url::parse(&ruby_me)
154
+ .map_err(|e| VM::raise(Class::from_existing("ArgumentError"), &e.to_string()))
155
+ .unwrap();
156
+ let sk = PKey::private_key_from_pkcs8(&ruby_sk.as_bytes())
157
+ .map_err(|e| {
158
+ VM::raise(
159
+ Class::from_existing("ArgumentError"),
160
+ &format!("Wrong secret key formar (not pkcs8?) ({})", e.to_string()),
161
+ )
162
+ })
163
+ .unwrap()
164
+ .ec_key()
165
+ .map_err(|e| {
166
+ VM::raise(
167
+ Class::from_existing("ArgumentError"),
168
+ &format!("Can't extract EC key ({})", e.to_string()),
169
+ )
170
+ })
171
+ .unwrap();
172
+
173
+ let holder = capbac::Holder::new(me, sk);
172
174
 
173
175
  Class::from_existing("CapBAC")
174
176
  .get_nested_class("Holder")
175
177
  .wrap_data(holder, &*HOLDER_WRAPPER)
176
178
  }
177
179
 
178
- fn ruby_holder_forge(options: Hash) -> Array {
179
- if let Err(ref _error) = options {
180
- VM::raise(Class::from_existing("ArgumentError"), "Options must be a hash");
181
- }
182
-
183
- let options = options_to_cert_blueprint(options.unwrap());
184
-
180
+ fn ruby_holder_forge(options: Hash) -> RString {
181
+ let ruby_options = options.map_err(VM::raise_ex).unwrap();
182
+ let options = options_to_cert_blueprint(ruby_options);
185
183
  let holder = itself.get_data(&*HOLDER_WRAPPER);
184
+
186
185
  let cert = holder.forge(options).unwrap();
187
186
 
188
- let mut res = Array::new();
189
- for item in cert.write_to_bytes().unwrap().iter() {
190
- res.push(Fixnum::new(i64::from(*item)));
191
- };
192
- res
187
+ RString::from_bytes(&cert.write_to_bytes().unwrap(), &Encoding::us_ascii())
193
188
  }
194
189
 
195
- fn ruby_holder_delegate(cert: Array, options: Hash) -> Array {
196
- if let Err(ref _error) = options {
197
- VM::raise(Class::from_existing("ArgumentError"), "Options must be a hash");
198
- }
199
-
200
- let options = options_to_cert_blueprint(options.unwrap());
190
+ fn ruby_holder_delegate(cert: RString, options: Hash) -> RString {
191
+ let ruby_options = options.map_err(VM::raise_ex).unwrap();
192
+ let options = options_to_cert_blueprint(ruby_options);
201
193
  let holder = itself.get_data(&*HOLDER_WRAPPER);
202
- let cert = array_to_cert(cert.unwrap());
194
+
195
+ let cert_content = cert.unwrap().to_string_unchecked();
196
+
197
+ let mut cert = capbac::proto::Certificate::new();
198
+ cert.merge_from_bytes(&cert_content.as_bytes()).unwrap();
203
199
 
204
200
  let cert = holder.delegate(cert, options).unwrap();
205
- let mut res = Array::new();
206
- for item in cert.write_to_bytes().unwrap().iter() {
207
- res.push(Fixnum::new(i64::from(*item)));
208
- };
209
- res
210
- }
211
201
 
212
- fn ruby_holder_invoke(options: Hash) -> Array {
213
- if let Err(ref _error) = options {
214
- VM::raise(Class::from_existing("ArgumentError"), "Options must be a hash");
215
- }
202
+ RString::from_bytes(&cert.write_to_bytes().unwrap(), &Encoding::us_ascii())
203
+ }
216
204
 
217
- let options = options_to_invoke_blueprint(options.unwrap());
205
+ fn ruby_holder_invoke(options: Hash) -> RString {
206
+ let ruby_options = options.map_err(VM::raise_ex).unwrap();
207
+ let options = options_to_invoke_blueprint(ruby_options);
218
208
  let holder = itself.get_data(&*HOLDER_WRAPPER);
219
209
 
220
210
  let invocation = holder.invoke(options).unwrap();
221
- let mut res = Array::new();
222
- for item in invocation.write_to_bytes().unwrap().iter() {
223
- res.push(Fixnum::new(i64::from(*item)));
224
- };
225
- res
211
+
212
+ RString::from_bytes(&invocation.write_to_bytes().unwrap(), &Encoding::us_ascii())
226
213
  }
227
214
  );
228
215
 
@@ -235,7 +222,7 @@ impl IntValidator {
235
222
  fn new(trust_checker: AnyObject, pubs: AnyObject) -> Self {
236
223
  IntValidator {
237
224
  trust_checker,
238
- pubs
225
+ pubs,
239
226
  }
240
227
  }
241
228
  }
@@ -244,30 +231,36 @@ impl capbac::TrustChecker for IntValidator {
244
231
  fn is_trusted(&self, id: &Url) -> bool {
245
232
  let args = vec![URI::from(id).to_any_object()];
246
233
  self.trust_checker
247
- .send("trusted?", &args)
234
+ .protect_send("trusted?", &args)
235
+ .map_err(VM::raise_ex)
236
+ .unwrap()
248
237
  .try_convert_to::<Boolean>()
249
- .unwrap_or(Boolean::new(false))
238
+ .unwrap_or_else(|_| Boolean::new(false))
250
239
  .to_bool()
251
240
  }
252
241
  }
253
242
 
254
243
  impl capbac::Pubs for IntValidator {
255
244
  fn get(&self, id: &Url) -> Option<EcKey<Public>> {
256
- let res = self.pubs.send("get", &vec![URI::from(id).to_any_object()]).try_convert_to::<Array>();
257
- if let Err(ref _error) = res {
258
- return None
259
- }
260
- let mut pk_content: Vec<u8> = Vec::new();
261
- for n in res.unwrap().into_iter() {
262
- let n = n.try_convert_to::<Fixnum>();
263
-
264
- if let Err(ref error) = n {
265
- VM::raise(error.class(), &error.to_string());
245
+ let args = [URI::from(id).to_any_object()];
246
+ let res = self
247
+ .pubs
248
+ .protect_send("get", &args)
249
+ .map_err(VM::raise_ex)
250
+ .unwrap()
251
+ .try_convert_to::<RString>();
252
+
253
+ match res {
254
+ Ok(pk) => {
255
+ Some(
256
+ PKey::public_key_from_der(&pk.to_string_unchecked().as_bytes())
257
+ .unwrap()
258
+ .ec_key()
259
+ .unwrap(),
260
+ )
266
261
  }
267
-
268
- pk_content.push(n.unwrap().to_i64() as u8);
262
+ Err(_) => None
269
263
  }
270
- Some(PKey::public_key_from_der(&pk_content).unwrap().ec_key().unwrap())
271
264
  }
272
265
  }
273
266
 
@@ -290,56 +283,48 @@ methods!(
290
283
  .wrap_data(validator, &*INT_VALIDATOR_WRAPPER)
291
284
  }
292
285
 
293
- fn ruby_validator_validate_cert(cert: Array, now: Fixnum) -> Boolean {
294
- if let Err(ref error) = cert {
295
- VM::raise(error.class(), &error.to_string());
296
- }
297
-
298
- if let Err(ref error) = now {
299
- VM::raise(error.class(), &error.to_string());
300
- }
301
-
302
- let mut cert_content: Vec<u8> = Vec::new();
303
- for n in cert.unwrap().into_iter() {
304
- let n = n.try_convert_to::<Fixnum>();
286
+ fn ruby_validator_validate_cert(cert: RString, now: Fixnum) -> Boolean {
287
+ let ruby_cert = cert
288
+ .map_err(VM::raise_ex)
289
+ .unwrap()
290
+ .to_string_unchecked();
305
291
 
306
- if let Err(ref error) = n {
307
- VM::raise(error.class(), &error.to_string());
308
- }
309
-
310
- cert_content.push(n.unwrap().to_i64() as u8);
311
- }
312
292
  let mut cert = capbac::proto::Certificate::new();
313
- cert.merge_from_bytes(&cert_content).unwrap();
293
+ cert.merge_from_bytes(&ruby_cert.as_bytes()).unwrap();
314
294
 
315
- let now = now.unwrap().to_i64() as u64;
295
+ let now = now.map_err(VM::raise_ex).unwrap().to_i64() as u64;
316
296
 
317
297
  let x = itself.get_data(&*INT_VALIDATOR_WRAPPER);
318
298
  let validator = capbac::Validator::new(x, x);
319
299
 
320
300
  match validator.validate_cert(&cert, now) {
321
301
  Result::Ok(_) => Boolean::new(true),
322
- Err(x) => {
302
+ Err(x) => {
323
303
  let capbac_class = Class::from_existing("CapBAC");
324
304
  match x {
325
- capbac::ValidateError::Malformed { .. } => {
326
- VM::raise(capbac_class.get_nested_class("Malformed"), &format!("{}", x))
327
- },
305
+ capbac::ValidateError::Malformed { .. } => VM::raise(
306
+ capbac_class.get_nested_class("Malformed"),
307
+ &format!("{}", x),
308
+ ),
328
309
  capbac::ValidateError::BadURL { .. } => {
329
310
  VM::raise(capbac_class.get_nested_class("BadURL"), &format!("{}", x))
330
- },
331
- capbac::ValidateError::UnknownPub { .. } => {
332
- VM::raise(capbac_class.get_nested_class("UnknownPub"), &format!("{}", x))
333
- },
334
- capbac::ValidateError::BadIssuer { .. } => {
335
- VM::raise(capbac_class.get_nested_class("BadIssuer"), &format!("{}", x))
336
- },
337
- capbac::ValidateError::BadInvoker { .. } => {
338
- VM::raise(capbac_class.get_nested_class("BadInvoker"), &format!("{}", x))
339
- },
340
- capbac::ValidateError::Untrusted { .. } => {
341
- VM::raise(capbac_class.get_nested_class("Untrusted"), &format!("{}", x))
342
- },
311
+ }
312
+ capbac::ValidateError::UnknownPub { .. } => VM::raise(
313
+ capbac_class.get_nested_class("UnknownPub"),
314
+ &format!("{}", x),
315
+ ),
316
+ capbac::ValidateError::BadIssuer { .. } => VM::raise(
317
+ capbac_class.get_nested_class("BadIssuer"),
318
+ &format!("{}", x),
319
+ ),
320
+ capbac::ValidateError::BadInvoker { .. } => VM::raise(
321
+ capbac_class.get_nested_class("BadInvoker"),
322
+ &format!("{}", x),
323
+ ),
324
+ capbac::ValidateError::Untrusted { .. } => VM::raise(
325
+ capbac_class.get_nested_class("Untrusted"),
326
+ &format!("{}", x),
327
+ ),
343
328
  capbac::ValidateError::Expired => {
344
329
  VM::raise(capbac_class.get_nested_class("Expired"), &format!("{}", x))
345
330
  }
@@ -352,56 +337,50 @@ methods!(
352
337
  }
353
338
  }
354
339
 
355
- fn ruby_validator_validate_invocation(invocation: Array, now: Fixnum) -> Boolean {
356
- if let Err(ref error) = invocation {
357
- VM::raise(error.class(), &error.to_string());
358
- }
359
-
360
- if let Err(ref error) = now {
361
- VM::raise(error.class(), &error.to_string());
362
- }
363
-
364
- let mut invocation_content: Vec<u8> = Vec::new();
365
- for n in invocation.unwrap().into_iter() {
366
- let n = n.try_convert_to::<Fixnum>();
340
+ fn ruby_validator_validate_invocation(invocation: RString, now: Fixnum) -> Boolean {
341
+ let ruby_invocation = invocation
342
+ .map_err(VM::raise_ex)
343
+ .unwrap()
344
+ .to_string_unchecked();
367
345
 
368
- if let Err(ref error) = n {
369
- VM::raise(error.class(), &error.to_string());
370
- }
371
-
372
- invocation_content.push(n.unwrap().to_i64() as u8);
373
- }
374
346
  let mut invocation = capbac::proto::Invocation::new();
375
- invocation.merge_from_bytes(&invocation_content).unwrap();
347
+ invocation
348
+ .merge_from_bytes(&ruby_invocation.as_bytes())
349
+ .unwrap();
376
350
 
377
- let now = now.unwrap().to_i64() as u64;
351
+ let now = now.map_err(VM::raise_ex).unwrap().to_i64() as u64;
378
352
 
379
353
  let x = itself.get_data(&*INT_VALIDATOR_WRAPPER);
380
354
  let validator = capbac::Validator::new(x, x);
381
355
 
382
356
  match validator.validate_invocation(&invocation, now) {
383
357
  Result::Ok(_) => Boolean::new(true),
384
- Err(x) => {
358
+ Err(x) => {
385
359
  let capbac_class = Class::from_existing("CapBAC");
386
360
  match x {
387
- capbac::ValidateError::Malformed { .. } => {
388
- VM::raise(capbac_class.get_nested_class("Malformed"), &format!("{}", x))
389
- },
361
+ capbac::ValidateError::Malformed { .. } => VM::raise(
362
+ capbac_class.get_nested_class("Malformed"),
363
+ &format!("{}", x),
364
+ ),
390
365
  capbac::ValidateError::BadURL { .. } => {
391
366
  VM::raise(capbac_class.get_nested_class("BadURL"), &format!("{}", x))
392
- },
393
- capbac::ValidateError::UnknownPub { .. } => {
394
- VM::raise(capbac_class.get_nested_class("UnknownPub"), &format!("{}", x))
395
- },
396
- capbac::ValidateError::BadIssuer { .. } => {
397
- VM::raise(capbac_class.get_nested_class("BadIssuer"), &format!("{}", x))
398
- },
399
- capbac::ValidateError::BadInvoker { .. } => {
400
- VM::raise(capbac_class.get_nested_class("BadInvoker"), &format!("{}", x))
401
- },
402
- capbac::ValidateError::Untrusted { .. } => {
403
- VM::raise(capbac_class.get_nested_class("Untrusted"), &format!("{}", x))
404
- },
367
+ }
368
+ capbac::ValidateError::UnknownPub { .. } => VM::raise(
369
+ capbac_class.get_nested_class("UnknownPub"),
370
+ &format!("{}", x),
371
+ ),
372
+ capbac::ValidateError::BadIssuer { .. } => VM::raise(
373
+ capbac_class.get_nested_class("BadIssuer"),
374
+ &format!("{}", x),
375
+ ),
376
+ capbac::ValidateError::BadInvoker { .. } => VM::raise(
377
+ capbac_class.get_nested_class("BadInvoker"),
378
+ &format!("{}", x),
379
+ ),
380
+ capbac::ValidateError::Untrusted { .. } => VM::raise(
381
+ capbac_class.get_nested_class("Untrusted"),
382
+ &format!("{}", x),
383
+ ),
405
384
  capbac::ValidateError::Expired => {
406
385
  VM::raise(capbac_class.get_nested_class("Expired"), &format!("{}", x))
407
386
  }
@@ -412,7 +391,6 @@ methods!(
412
391
  Boolean::new(false)
413
392
  }
414
393
  }
415
-
416
394
  }
417
395
  );
418
396
 
@@ -424,21 +402,28 @@ methods!(
424
402
 
425
403
  fn ruby_generate_keypair() -> Hash {
426
404
  let rng = rand::SystemRandom::new();
427
- let key_pair = EcdsaKeyPair::generate_pkcs8(&signature::ECDSA_P256_SHA256_FIXED_SIGNING, &rng).unwrap();
428
- let mut sk = Array::new();
429
- for item in key_pair.as_ref().iter() {
430
- sk.push(Fixnum::new(i64::from(*item)));
431
- };
432
-
433
- let key_pair = EcdsaKeyPair::from_pkcs8(&signature::ECDSA_P256_SHA256_FIXED_SIGNING, &key_pair.as_ref()).unwrap();
434
- let mut pk = Array::new();
435
- for item in key_pair.public_key().as_ref().iter() {
436
- pk.push(Fixnum::new(i64::from(*item)));
437
- };
405
+
406
+ let key_pair =
407
+ EcdsaKeyPair::generate_pkcs8(&signature::ECDSA_P256_SHA256_FIXED_SIGNING, &rng)
408
+ .unwrap();
409
+ let sk = key_pair.as_ref();
410
+
411
+ let key_pair = EcdsaKeyPair::from_pkcs8(
412
+ &signature::ECDSA_P256_SHA256_FIXED_SIGNING,
413
+ &key_pair.as_ref(),
414
+ )
415
+ .unwrap();
416
+ let pk = key_pair.public_key().as_ref();
438
417
 
439
418
  let mut res = Hash::new();
440
- res.store(Symbol::new("sk"), sk);
441
- res.store(Symbol::new("pk"), pk);
419
+ res.store(
420
+ Symbol::new("sk"),
421
+ RString::from_bytes(&sk, &Encoding::us_ascii()),
422
+ );
423
+ res.store(
424
+ Symbol::new("pk"),
425
+ RString::from_bytes(&pk, &Encoding::us_ascii()),
426
+ );
442
427
  res
443
428
  }
444
429
  );
@@ -454,14 +439,18 @@ pub extern "C" fn Init_capbac() {
454
439
  itself.def("invoke", ruby_holder_invoke);
455
440
  });
456
441
 
457
- itself.define_nested_class("Validator", None).define(|itself| {
458
- itself.def_self("new", ruby_validator_new);
459
- itself.def("validate_cert", ruby_validator_validate_cert);
460
- itself.def("validate_invocation", ruby_validator_validate_invocation);
461
- });
462
-
463
- itself.define_nested_class("KeyPair", None).define(|itself| {
464
- itself.def("generate!", ruby_generate_keypair);
465
- });
442
+ itself
443
+ .define_nested_class("Validator", None)
444
+ .define(|itself| {
445
+ itself.def_self("new", ruby_validator_new);
446
+ itself.def("validate_cert", ruby_validator_validate_cert);
447
+ itself.def("validate_invocation", ruby_validator_validate_invocation);
448
+ });
449
+
450
+ itself
451
+ .define_nested_class("KeyPair", None)
452
+ .define(|itself| {
453
+ itself.def("generate!", ruby_generate_keypair);
454
+ });
466
455
  });
467
456
  }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: capbac
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.0
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Kirill Chernyshov
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-07-22 00:00:00.000000000 Z
11
+ date: 2020-07-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: thermite