capbac 0.3.0 → 0.4.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/Cargo.toml +1 -1
  3. data/lib/capbac/version.rb +1 -1
  4. data/lib/capbac_ruby.so +0 -0
  5. data/src/lib.rs +232 -243
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9aea3202cf722c59f88ff0cc3ac473c5d70d05727bf2887a9665ff554552fa02
4
- data.tar.gz: e0a1ea74ed0b853ccb8e3619015bd599f4f20ea30f8c9eb4caadf331dbfc979f
3
+ metadata.gz: 44848813257e696a0d0aa3ee32740481dced5a2400821e69a4fe31b130e60476
4
+ data.tar.gz: 9e7bc540cba3a4a0be51ed7d91f06455f493dbae694b5a003716d75143196bb5
5
5
  SHA512:
6
- metadata.gz: 1ea6fb01de7bd48e299b32602b2ee276bbed2581c2e75fb724deba69f776386edb05b61e6492867152d97bb02989b894145dee0a8bf6d94bdd301d60ee181f55
7
- data.tar.gz: f1a7f43fbfb3df31dc1272edd15f74b27c3b29fcf83c4b765290f976a5eec5e07f3c1cdfb63772f1e6fe4813f1df3eea0fb224b6bda2ae80697f60e22732b4c2
6
+ metadata.gz: 3a05e44960b0368b3fa77def316ead43fd2aef59586ae5900e738b0b1f4f5329fba514270a52cd565301a60ec6c3e1d99cfe596bb52eaa667cd13da6c28999b2
7
+ data.tar.gz: 1a30dc257457acd1bb747ab6a4d9452c65d3833aa05459c48a7c61adc73957519516c68e6c21b00683d3ce7f7562cd908ac6542164e9358fa79371babfd7302d
data/Cargo.toml CHANGED
@@ -8,7 +8,7 @@ edition = "2018"
8
8
  crate-type = ["cdylib"]
9
9
 
10
10
  [dependencies]
11
- rutie = "0.6.1"
11
+ rutie = "0.8.0"
12
12
  url = "2.1"
13
13
  openssl = "0.10"
14
14
  ring = "0.16.15"
data/lib/capbac/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module CapBAC
2
- VERSION = '0.3.0'.freeze
2
+ VERSION = '0.4.0'.freeze
3
3
  end
data/lib/capbac_ruby.so CHANGED
Binary file
data/src/lib.rs CHANGED
@@ -1,25 +1,33 @@
1
- #[macro_use] extern crate rutie;
2
- #[macro_use] extern crate lazy_static;
1
+ #[macro_use]
2
+ extern crate rutie;
3
+ #[macro_use]
4
+ extern crate lazy_static;
3
5
 
4
- use rutie::{Module, Class, RString, Object, AnyObject, Array,
5
- Fixnum, Hash, Symbol, VM, Boolean, GC, VerifiedObject};
6
6
  use capbac::{CertificateBlueprint, InvokeBlueprint};
7
- use url::Url;
8
- use openssl::pkey::{PKey, Public};
9
- use openssl::ec::EcKey;
10
- use protobuf::{Message};
11
- use std::fmt;
12
-
7
+ use openssl::{
8
+ ec::EcKey,
9
+ pkey::{PKey, Public},
10
+ };
11
+ use protobuf::Message;
13
12
  use ring::{
14
13
  rand,
15
- signature::{self, KeyPair, EcdsaKeyPair},
14
+ signature::{self, EcdsaKeyPair, KeyPair},
16
15
  };
16
+ use rutie::{
17
+ AnyObject, Boolean, Class, Encoding, Fixnum, Hash, Module, Object, RString, Symbol,
18
+ VerifiedObject, GC, VM,
19
+ };
20
+ use std::{fmt, str};
21
+ use url::Url;
17
22
 
18
23
  class!(URI);
19
24
 
20
25
  impl VerifiedObject for URI {
21
26
  fn is_correct_type<T: Object>(object: &T) -> bool {
22
- object.class().ancestors().iter()
27
+ object
28
+ .class()
29
+ .ancestors()
30
+ .iter()
23
31
  .any(|class| *class == Class::from_existing("URI"))
24
32
  }
25
33
 
@@ -30,108 +38,100 @@ impl VerifiedObject for URI {
30
38
 
31
39
  impl fmt::Display for URI {
32
40
  fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
33
- let s = self.send("to_s", &vec![]).try_convert_to::<RString>().unwrap().to_string();
41
+ let s = self
42
+ .protect_send("to_s", &[])
43
+ .map_err(VM::raise_ex)
44
+ .unwrap()
45
+ .try_convert_to::<RString>()
46
+ .map_err(VM::raise_ex)
47
+ .unwrap()
48
+ .to_string();
34
49
  write!(f, "{}", s)
35
50
  }
36
51
  }
37
52
 
38
53
  impl From<&Url> for URI {
39
54
  fn from(url: &Url) -> Self {
40
- Class::from_existing("URI").send("parse", &vec![RString::new_utf8(&url.clone().to_string()).to_any_object()]).try_convert_to::<URI>().unwrap()
55
+ let args = [RString::new_utf8(&url.clone().to_string()).to_any_object()];
56
+ Class::from_existing("URI")
57
+ .protect_send("parse", &args)
58
+ .map_err(VM::raise_ex)
59
+ .unwrap()
60
+ .try_convert_to::<URI>()
61
+ .map_err(VM::raise_ex)
62
+ .unwrap()
41
63
  }
42
64
  }
43
65
 
44
66
  impl From<URI> for Url {
45
67
  fn from(uri: URI) -> Self {
46
- Url::parse(&uri.to_string()).unwrap()
68
+ Url::parse(&uri.to_string())
69
+ .map_err(|_e| {
70
+ VM::raise(
71
+ Class::from_existing("URI").get_nested_class("InvalidURIError"),
72
+ &format!("bad URI(is not URI?): {}", uri.to_string()),
73
+ )
74
+ })
75
+ .unwrap()
47
76
  }
48
77
  }
49
78
 
79
+ // TODO CertificateBlueprint -> Result<CertificateBlueprint, Error>
50
80
  fn options_to_cert_blueprint(options: Hash) -> CertificateBlueprint {
51
81
  let subject = options
52
82
  .at(&Symbol::new("subject"))
53
- .try_convert_to::<URI>();
83
+ .try_convert_to::<URI>()
84
+ .map_err(VM::raise_ex)
85
+ .unwrap();
54
86
 
55
- if let Err(ref _error) = subject {
56
- VM::raise(Class::from_existing("ArgumentError"), "Subject must be an instance of URI");
57
- }
58
-
59
- let subject = Url::from(subject.unwrap());
87
+ let subject = Url::from(subject);
60
88
 
61
89
  let capability = options
62
90
  .at(&Symbol::new("capability"))
63
- .try_convert_to::<RString>();
64
-
65
- if let Err(ref _error) = capability {
66
- VM::raise(Class::from_existing("ArgumentError"), "Capability must be a string");
67
- }
68
-
69
- let capability = capability
70
- .unwrap().to_string()
91
+ .try_convert_to::<RString>()
92
+ .map_err(VM::raise_ex)
93
+ .unwrap()
94
+ .to_string()
71
95
  .into_bytes();
72
96
 
73
97
  let exp = match options.at(&Symbol::new("exp")).try_convert_to::<Fixnum>() {
74
98
  Ok(x) => Some(x.to_i64() as u64),
75
- _ => None
99
+ _ => None,
76
100
  };
77
101
 
78
102
  CertificateBlueprint {
79
103
  subject,
80
104
  capability,
81
- exp
105
+ exp,
82
106
  }
83
107
  }
84
108
 
85
- fn array_to_cert(array: Array) -> capbac::proto::Certificate {
86
- let mut cert_content: Vec<u8> = Vec::new();
87
- for n in array.into_iter() {
88
- let n = n.try_convert_to::<Fixnum>();
89
-
90
- if let Err(ref error) = n {
91
- VM::raise(error.class(), &error.to_string());
92
- }
93
-
94
- cert_content.push(n.unwrap().to_i64() as u8);
95
- }
96
- let mut cert = capbac::proto::Certificate::new();
97
- cert.merge_from_bytes(&cert_content).unwrap();
98
- cert
99
- }
100
-
101
109
  fn options_to_invoke_blueprint(options: Hash) -> InvokeBlueprint {
102
-
103
110
  let cert_content = options
104
111
  .at(&Symbol::new("cert"))
105
- .try_convert_to::<Array>();
106
-
107
- if let Err(ref _error) = cert_content {
108
- VM::raise(Class::from_existing("ArgumentError"), "Certificate must be an array");
109
- }
112
+ .try_convert_to::<RString>()
113
+ .map_err(VM::raise_ex)
114
+ .unwrap()
115
+ .to_string()
116
+ .into_bytes();
110
117
 
111
- let cert = array_to_cert(cert_content.unwrap());
118
+ let mut cert = capbac::proto::Certificate::new();
119
+ cert.merge_from_bytes(&cert_content).unwrap();
112
120
 
113
121
  let action = options
114
122
  .at(&Symbol::new("action"))
115
- .try_convert_to::<RString>();
116
-
117
- if let Err(ref _error) = action {
118
- VM::raise(Class::from_existing("ArgumentError"), "Action must be a string");
119
- }
120
-
121
- let action = action
122
- .unwrap().to_string()
123
+ .try_convert_to::<RString>()
124
+ .map_err(VM::raise_ex)
125
+ .unwrap()
126
+ .to_string()
123
127
  .into_bytes();
124
128
 
125
129
  let exp = match options.at(&Symbol::new("exp")).try_convert_to::<Fixnum>() {
126
130
  Ok(x) => Some(x.to_i64() as u64),
127
- _ => None
131
+ _ => None,
128
132
  };
129
133
 
130
- InvokeBlueprint {
131
- cert,
132
- action,
133
- exp
134
- }
134
+ InvokeBlueprint { cert, action, exp }
135
135
  }
136
136
 
137
137
  wrappable_struct!(capbac::Holder, HolderWrapper, HOLDER_WRAPPER);
@@ -142,87 +142,74 @@ methods!(
142
142
  Holder,
143
143
  itself,
144
144
 
145
- fn ruby_holder_new(me: URI, sk: Array) -> AnyObject {
146
- if let Err(ref error) = me {
147
- VM::raise(error.class(), &error.to_string());
148
- }
149
-
150
- if let Err(ref error) = sk {
151
- VM::raise(error.class(), &error.to_string());
152
- }
153
-
154
- let me = Url::parse(&me.unwrap().to_string());
155
-
156
- if let Err(ref error) = me {
157
- VM::raise(Class::from_existing("ArgumentError"), &error.to_string())
158
- }
159
-
160
- let mut sk_content: Vec<u8> = Vec::new();
161
- for n in sk.unwrap().into_iter() {
162
- let n = n.try_convert_to::<Fixnum>();
163
-
164
- if let Err(ref error) = n {
165
- VM::raise(error.class(), &error.to_string());
166
- }
167
-
168
- sk_content.push(n.unwrap().to_i64() as u8);
169
- }
170
-
171
- let holder = capbac::Holder::new(me.unwrap(), PKey::private_key_from_pkcs8(&sk_content).unwrap().ec_key().unwrap());
145
+ fn ruby_holder_new(me: URI, sk: RString) -> AnyObject {
146
+ let ruby_me = me.map_err(VM::raise_ex).unwrap().to_string();
147
+
148
+ let ruby_sk = sk
149
+ .map_err(VM::raise_ex)
150
+ .unwrap()
151
+ .to_string_unchecked();
152
+
153
+ let me = Url::parse(&ruby_me)
154
+ .map_err(|e| VM::raise(Class::from_existing("ArgumentError"), &e.to_string()))
155
+ .unwrap();
156
+ let sk = PKey::private_key_from_pkcs8(&ruby_sk.as_bytes())
157
+ .map_err(|e| {
158
+ VM::raise(
159
+ Class::from_existing("ArgumentError"),
160
+ &format!("Wrong secret key formar (not pkcs8?) ({})", e.to_string()),
161
+ )
162
+ })
163
+ .unwrap()
164
+ .ec_key()
165
+ .map_err(|e| {
166
+ VM::raise(
167
+ Class::from_existing("ArgumentError"),
168
+ &format!("Can't extract EC key ({})", e.to_string()),
169
+ )
170
+ })
171
+ .unwrap();
172
+
173
+ let holder = capbac::Holder::new(me, sk);
172
174
 
173
175
  Class::from_existing("CapBAC")
174
176
  .get_nested_class("Holder")
175
177
  .wrap_data(holder, &*HOLDER_WRAPPER)
176
178
  }
177
179
 
178
- fn ruby_holder_forge(options: Hash) -> Array {
179
- if let Err(ref _error) = options {
180
- VM::raise(Class::from_existing("ArgumentError"), "Options must be a hash");
181
- }
182
-
183
- let options = options_to_cert_blueprint(options.unwrap());
184
-
180
+ fn ruby_holder_forge(options: Hash) -> RString {
181
+ let ruby_options = options.map_err(VM::raise_ex).unwrap();
182
+ let options = options_to_cert_blueprint(ruby_options);
185
183
  let holder = itself.get_data(&*HOLDER_WRAPPER);
184
+
186
185
  let cert = holder.forge(options).unwrap();
187
186
 
188
- let mut res = Array::new();
189
- for item in cert.write_to_bytes().unwrap().iter() {
190
- res.push(Fixnum::new(i64::from(*item)));
191
- };
192
- res
187
+ RString::from_bytes(&cert.write_to_bytes().unwrap(), &Encoding::us_ascii())
193
188
  }
194
189
 
195
- fn ruby_holder_delegate(cert: Array, options: Hash) -> Array {
196
- if let Err(ref _error) = options {
197
- VM::raise(Class::from_existing("ArgumentError"), "Options must be a hash");
198
- }
199
-
200
- let options = options_to_cert_blueprint(options.unwrap());
190
+ fn ruby_holder_delegate(cert: RString, options: Hash) -> RString {
191
+ let ruby_options = options.map_err(VM::raise_ex).unwrap();
192
+ let options = options_to_cert_blueprint(ruby_options);
201
193
  let holder = itself.get_data(&*HOLDER_WRAPPER);
202
- let cert = array_to_cert(cert.unwrap());
194
+
195
+ let cert_content = cert.unwrap().to_string_unchecked();
196
+
197
+ let mut cert = capbac::proto::Certificate::new();
198
+ cert.merge_from_bytes(&cert_content.as_bytes()).unwrap();
203
199
 
204
200
  let cert = holder.delegate(cert, options).unwrap();
205
- let mut res = Array::new();
206
- for item in cert.write_to_bytes().unwrap().iter() {
207
- res.push(Fixnum::new(i64::from(*item)));
208
- };
209
- res
210
- }
211
201
 
212
- fn ruby_holder_invoke(options: Hash) -> Array {
213
- if let Err(ref _error) = options {
214
- VM::raise(Class::from_existing("ArgumentError"), "Options must be a hash");
215
- }
202
+ RString::from_bytes(&cert.write_to_bytes().unwrap(), &Encoding::us_ascii())
203
+ }
216
204
 
217
- let options = options_to_invoke_blueprint(options.unwrap());
205
+ fn ruby_holder_invoke(options: Hash) -> RString {
206
+ let ruby_options = options.map_err(VM::raise_ex).unwrap();
207
+ let options = options_to_invoke_blueprint(ruby_options);
218
208
  let holder = itself.get_data(&*HOLDER_WRAPPER);
219
209
 
220
210
  let invocation = holder.invoke(options).unwrap();
221
- let mut res = Array::new();
222
- for item in invocation.write_to_bytes().unwrap().iter() {
223
- res.push(Fixnum::new(i64::from(*item)));
224
- };
225
- res
211
+
212
+ RString::from_bytes(&invocation.write_to_bytes().unwrap(), &Encoding::us_ascii())
226
213
  }
227
214
  );
228
215
 
@@ -235,7 +222,7 @@ impl IntValidator {
235
222
  fn new(trust_checker: AnyObject, pubs: AnyObject) -> Self {
236
223
  IntValidator {
237
224
  trust_checker,
238
- pubs
225
+ pubs,
239
226
  }
240
227
  }
241
228
  }
@@ -244,30 +231,36 @@ impl capbac::TrustChecker for IntValidator {
244
231
  fn is_trusted(&self, id: &Url) -> bool {
245
232
  let args = vec![URI::from(id).to_any_object()];
246
233
  self.trust_checker
247
- .send("trusted?", &args)
234
+ .protect_send("trusted?", &args)
235
+ .map_err(VM::raise_ex)
236
+ .unwrap()
248
237
  .try_convert_to::<Boolean>()
249
- .unwrap_or(Boolean::new(false))
238
+ .unwrap_or_else(|_| Boolean::new(false))
250
239
  .to_bool()
251
240
  }
252
241
  }
253
242
 
254
243
  impl capbac::Pubs for IntValidator {
255
244
  fn get(&self, id: &Url) -> Option<EcKey<Public>> {
256
- let res = self.pubs.send("get", &vec![URI::from(id).to_any_object()]).try_convert_to::<Array>();
257
- if let Err(ref _error) = res {
258
- return None
259
- }
260
- let mut pk_content: Vec<u8> = Vec::new();
261
- for n in res.unwrap().into_iter() {
262
- let n = n.try_convert_to::<Fixnum>();
263
-
264
- if let Err(ref error) = n {
265
- VM::raise(error.class(), &error.to_string());
245
+ let args = [URI::from(id).to_any_object()];
246
+ let res = self
247
+ .pubs
248
+ .protect_send("get", &args)
249
+ .map_err(VM::raise_ex)
250
+ .unwrap()
251
+ .try_convert_to::<RString>();
252
+
253
+ match res {
254
+ Ok(pk) => {
255
+ Some(
256
+ PKey::public_key_from_der(&pk.to_string_unchecked().as_bytes())
257
+ .unwrap()
258
+ .ec_key()
259
+ .unwrap(),
260
+ )
266
261
  }
267
-
268
- pk_content.push(n.unwrap().to_i64() as u8);
262
+ Err(_) => None
269
263
  }
270
- Some(PKey::public_key_from_der(&pk_content).unwrap().ec_key().unwrap())
271
264
  }
272
265
  }
273
266
 
@@ -290,56 +283,48 @@ methods!(
290
283
  .wrap_data(validator, &*INT_VALIDATOR_WRAPPER)
291
284
  }
292
285
 
293
- fn ruby_validator_validate_cert(cert: Array, now: Fixnum) -> Boolean {
294
- if let Err(ref error) = cert {
295
- VM::raise(error.class(), &error.to_string());
296
- }
297
-
298
- if let Err(ref error) = now {
299
- VM::raise(error.class(), &error.to_string());
300
- }
301
-
302
- let mut cert_content: Vec<u8> = Vec::new();
303
- for n in cert.unwrap().into_iter() {
304
- let n = n.try_convert_to::<Fixnum>();
286
+ fn ruby_validator_validate_cert(cert: RString, now: Fixnum) -> Boolean {
287
+ let ruby_cert = cert
288
+ .map_err(VM::raise_ex)
289
+ .unwrap()
290
+ .to_string_unchecked();
305
291
 
306
- if let Err(ref error) = n {
307
- VM::raise(error.class(), &error.to_string());
308
- }
309
-
310
- cert_content.push(n.unwrap().to_i64() as u8);
311
- }
312
292
  let mut cert = capbac::proto::Certificate::new();
313
- cert.merge_from_bytes(&cert_content).unwrap();
293
+ cert.merge_from_bytes(&ruby_cert.as_bytes()).unwrap();
314
294
 
315
- let now = now.unwrap().to_i64() as u64;
295
+ let now = now.map_err(VM::raise_ex).unwrap().to_i64() as u64;
316
296
 
317
297
  let x = itself.get_data(&*INT_VALIDATOR_WRAPPER);
318
298
  let validator = capbac::Validator::new(x, x);
319
299
 
320
300
  match validator.validate_cert(&cert, now) {
321
301
  Result::Ok(_) => Boolean::new(true),
322
- Err(x) => {
302
+ Err(x) => {
323
303
  let capbac_class = Class::from_existing("CapBAC");
324
304
  match x {
325
- capbac::ValidateError::Malformed { .. } => {
326
- VM::raise(capbac_class.get_nested_class("Malformed"), &format!("{}", x))
327
- },
305
+ capbac::ValidateError::Malformed { .. } => VM::raise(
306
+ capbac_class.get_nested_class("Malformed"),
307
+ &format!("{}", x),
308
+ ),
328
309
  capbac::ValidateError::BadURL { .. } => {
329
310
  VM::raise(capbac_class.get_nested_class("BadURL"), &format!("{}", x))
330
- },
331
- capbac::ValidateError::UnknownPub { .. } => {
332
- VM::raise(capbac_class.get_nested_class("UnknownPub"), &format!("{}", x))
333
- },
334
- capbac::ValidateError::BadIssuer { .. } => {
335
- VM::raise(capbac_class.get_nested_class("BadIssuer"), &format!("{}", x))
336
- },
337
- capbac::ValidateError::BadInvoker { .. } => {
338
- VM::raise(capbac_class.get_nested_class("BadInvoker"), &format!("{}", x))
339
- },
340
- capbac::ValidateError::Untrusted { .. } => {
341
- VM::raise(capbac_class.get_nested_class("Untrusted"), &format!("{}", x))
342
- },
311
+ }
312
+ capbac::ValidateError::UnknownPub { .. } => VM::raise(
313
+ capbac_class.get_nested_class("UnknownPub"),
314
+ &format!("{}", x),
315
+ ),
316
+ capbac::ValidateError::BadIssuer { .. } => VM::raise(
317
+ capbac_class.get_nested_class("BadIssuer"),
318
+ &format!("{}", x),
319
+ ),
320
+ capbac::ValidateError::BadInvoker { .. } => VM::raise(
321
+ capbac_class.get_nested_class("BadInvoker"),
322
+ &format!("{}", x),
323
+ ),
324
+ capbac::ValidateError::Untrusted { .. } => VM::raise(
325
+ capbac_class.get_nested_class("Untrusted"),
326
+ &format!("{}", x),
327
+ ),
343
328
  capbac::ValidateError::Expired => {
344
329
  VM::raise(capbac_class.get_nested_class("Expired"), &format!("{}", x))
345
330
  }
@@ -352,56 +337,50 @@ methods!(
352
337
  }
353
338
  }
354
339
 
355
- fn ruby_validator_validate_invocation(invocation: Array, now: Fixnum) -> Boolean {
356
- if let Err(ref error) = invocation {
357
- VM::raise(error.class(), &error.to_string());
358
- }
359
-
360
- if let Err(ref error) = now {
361
- VM::raise(error.class(), &error.to_string());
362
- }
363
-
364
- let mut invocation_content: Vec<u8> = Vec::new();
365
- for n in invocation.unwrap().into_iter() {
366
- let n = n.try_convert_to::<Fixnum>();
340
+ fn ruby_validator_validate_invocation(invocation: RString, now: Fixnum) -> Boolean {
341
+ let ruby_invocation = invocation
342
+ .map_err(VM::raise_ex)
343
+ .unwrap()
344
+ .to_string_unchecked();
367
345
 
368
- if let Err(ref error) = n {
369
- VM::raise(error.class(), &error.to_string());
370
- }
371
-
372
- invocation_content.push(n.unwrap().to_i64() as u8);
373
- }
374
346
  let mut invocation = capbac::proto::Invocation::new();
375
- invocation.merge_from_bytes(&invocation_content).unwrap();
347
+ invocation
348
+ .merge_from_bytes(&ruby_invocation.as_bytes())
349
+ .unwrap();
376
350
 
377
- let now = now.unwrap().to_i64() as u64;
351
+ let now = now.map_err(VM::raise_ex).unwrap().to_i64() as u64;
378
352
 
379
353
  let x = itself.get_data(&*INT_VALIDATOR_WRAPPER);
380
354
  let validator = capbac::Validator::new(x, x);
381
355
 
382
356
  match validator.validate_invocation(&invocation, now) {
383
357
  Result::Ok(_) => Boolean::new(true),
384
- Err(x) => {
358
+ Err(x) => {
385
359
  let capbac_class = Class::from_existing("CapBAC");
386
360
  match x {
387
- capbac::ValidateError::Malformed { .. } => {
388
- VM::raise(capbac_class.get_nested_class("Malformed"), &format!("{}", x))
389
- },
361
+ capbac::ValidateError::Malformed { .. } => VM::raise(
362
+ capbac_class.get_nested_class("Malformed"),
363
+ &format!("{}", x),
364
+ ),
390
365
  capbac::ValidateError::BadURL { .. } => {
391
366
  VM::raise(capbac_class.get_nested_class("BadURL"), &format!("{}", x))
392
- },
393
- capbac::ValidateError::UnknownPub { .. } => {
394
- VM::raise(capbac_class.get_nested_class("UnknownPub"), &format!("{}", x))
395
- },
396
- capbac::ValidateError::BadIssuer { .. } => {
397
- VM::raise(capbac_class.get_nested_class("BadIssuer"), &format!("{}", x))
398
- },
399
- capbac::ValidateError::BadInvoker { .. } => {
400
- VM::raise(capbac_class.get_nested_class("BadInvoker"), &format!("{}", x))
401
- },
402
- capbac::ValidateError::Untrusted { .. } => {
403
- VM::raise(capbac_class.get_nested_class("Untrusted"), &format!("{}", x))
404
- },
367
+ }
368
+ capbac::ValidateError::UnknownPub { .. } => VM::raise(
369
+ capbac_class.get_nested_class("UnknownPub"),
370
+ &format!("{}", x),
371
+ ),
372
+ capbac::ValidateError::BadIssuer { .. } => VM::raise(
373
+ capbac_class.get_nested_class("BadIssuer"),
374
+ &format!("{}", x),
375
+ ),
376
+ capbac::ValidateError::BadInvoker { .. } => VM::raise(
377
+ capbac_class.get_nested_class("BadInvoker"),
378
+ &format!("{}", x),
379
+ ),
380
+ capbac::ValidateError::Untrusted { .. } => VM::raise(
381
+ capbac_class.get_nested_class("Untrusted"),
382
+ &format!("{}", x),
383
+ ),
405
384
  capbac::ValidateError::Expired => {
406
385
  VM::raise(capbac_class.get_nested_class("Expired"), &format!("{}", x))
407
386
  }
@@ -412,7 +391,6 @@ methods!(
412
391
  Boolean::new(false)
413
392
  }
414
393
  }
415
-
416
394
  }
417
395
  );
418
396
 
@@ -424,21 +402,28 @@ methods!(
424
402
 
425
403
  fn ruby_generate_keypair() -> Hash {
426
404
  let rng = rand::SystemRandom::new();
427
- let key_pair = EcdsaKeyPair::generate_pkcs8(&signature::ECDSA_P256_SHA256_FIXED_SIGNING, &rng).unwrap();
428
- let mut sk = Array::new();
429
- for item in key_pair.as_ref().iter() {
430
- sk.push(Fixnum::new(i64::from(*item)));
431
- };
432
-
433
- let key_pair = EcdsaKeyPair::from_pkcs8(&signature::ECDSA_P256_SHA256_FIXED_SIGNING, &key_pair.as_ref()).unwrap();
434
- let mut pk = Array::new();
435
- for item in key_pair.public_key().as_ref().iter() {
436
- pk.push(Fixnum::new(i64::from(*item)));
437
- };
405
+
406
+ let key_pair =
407
+ EcdsaKeyPair::generate_pkcs8(&signature::ECDSA_P256_SHA256_FIXED_SIGNING, &rng)
408
+ .unwrap();
409
+ let sk = key_pair.as_ref();
410
+
411
+ let key_pair = EcdsaKeyPair::from_pkcs8(
412
+ &signature::ECDSA_P256_SHA256_FIXED_SIGNING,
413
+ &key_pair.as_ref(),
414
+ )
415
+ .unwrap();
416
+ let pk = key_pair.public_key().as_ref();
438
417
 
439
418
  let mut res = Hash::new();
440
- res.store(Symbol::new("sk"), sk);
441
- res.store(Symbol::new("pk"), pk);
419
+ res.store(
420
+ Symbol::new("sk"),
421
+ RString::from_bytes(&sk, &Encoding::us_ascii()),
422
+ );
423
+ res.store(
424
+ Symbol::new("pk"),
425
+ RString::from_bytes(&pk, &Encoding::us_ascii()),
426
+ );
442
427
  res
443
428
  }
444
429
  );
@@ -454,14 +439,18 @@ pub extern "C" fn Init_capbac() {
454
439
  itself.def("invoke", ruby_holder_invoke);
455
440
  });
456
441
 
457
- itself.define_nested_class("Validator", None).define(|itself| {
458
- itself.def_self("new", ruby_validator_new);
459
- itself.def("validate_cert", ruby_validator_validate_cert);
460
- itself.def("validate_invocation", ruby_validator_validate_invocation);
461
- });
462
-
463
- itself.define_nested_class("KeyPair", None).define(|itself| {
464
- itself.def("generate!", ruby_generate_keypair);
465
- });
442
+ itself
443
+ .define_nested_class("Validator", None)
444
+ .define(|itself| {
445
+ itself.def_self("new", ruby_validator_new);
446
+ itself.def("validate_cert", ruby_validator_validate_cert);
447
+ itself.def("validate_invocation", ruby_validator_validate_invocation);
448
+ });
449
+
450
+ itself
451
+ .define_nested_class("KeyPair", None)
452
+ .define(|itself| {
453
+ itself.def("generate!", ruby_generate_keypair);
454
+ });
466
455
  });
467
456
  }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: capbac
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.0
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Kirill Chernyshov
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-07-22 00:00:00.000000000 Z
11
+ date: 2020-07-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: thermite