RubyGems - costan-tem_ruby - Versions diffs - 0.10.2 - Mend

costan-tem_ruby 0.10.2

Files changed (76) hide show

data/CHANGELOG +45 -0
data/LICENSE +21 -0
data/Manifest +75 -0
data/README +8 -0
data/Rakefile +23 -0
data/bin/tem_bench +9 -0
data/bin/tem_ca +13 -0
data/bin/tem_irb +11 -0
data/bin/tem_proxy +65 -0
data/bin/tem_stat +35 -0
data/dev_ca/ca_cert.cer +0 -0
data/dev_ca/ca_cert.pem +32 -0
data/dev_ca/ca_key.pem +27 -0
data/dev_ca/config.yml +14 -0
data/lib/tem/_cert.rb +158 -0
data/lib/tem/apdus/buffers.rb +89 -0
data/lib/tem/apdus/keys.rb +64 -0
data/lib/tem/apdus/lifecycle.rb +13 -0
data/lib/tem/apdus/tag.rb +38 -0
data/lib/tem/auto_conf.rb +25 -0
data/lib/tem/builders/abi.rb +482 -0
data/lib/tem/builders/assembler.rb +314 -0
data/lib/tem/builders/crypto.rb +124 -0
data/lib/tem/builders/isa.rb +120 -0
data/lib/tem/ca.rb +114 -0
data/lib/tem/definitions/abi.rb +65 -0
data/lib/tem/definitions/assembler.rb +23 -0
data/lib/tem/definitions/isa.rb +188 -0
data/lib/tem/ecert.rb +77 -0
data/lib/tem/hive.rb +18 -0
data/lib/tem/keys/asymmetric.rb +116 -0
data/lib/tem/keys/key.rb +48 -0
data/lib/tem/keys/symmetric.rb +47 -0
data/lib/tem/sec_exec_error.rb +63 -0
data/lib/tem/seclosures.rb +81 -0
data/lib/tem/secpack.rb +107 -0
data/lib/tem/tem.rb +31 -0
data/lib/tem/toolkit.rb +101 -0
data/lib/tem/transport/auto_configurator.rb +87 -0
data/lib/tem/transport/java_card_mixin.rb +99 -0
data/lib/tem/transport/jcop_remote_protocol.rb +59 -0
data/lib/tem/transport/jcop_remote_server.rb +171 -0
data/lib/tem/transport/jcop_remote_transport.rb +65 -0
data/lib/tem/transport/pcsc_transport.rb +87 -0
data/lib/tem/transport/transport.rb +10 -0
data/lib/tem_ruby.rb +47 -0
data/tem_ruby.gemspec +35 -0
data/test/_test_cert.rb +70 -0
data/test/builders/test_abi_builder.rb +298 -0
data/test/tem_test_case.rb +26 -0
data/test/tem_unit/test_tem_alu.rb +33 -0
data/test/tem_unit/test_tem_bound_secpack.rb +51 -0
data/test/tem_unit/test_tem_branching.rb +56 -0
data/test/tem_unit/test_tem_crypto_asymmetric.rb +123 -0
data/test/tem_unit/test_tem_crypto_hash.rb +35 -0
data/test/tem_unit/test_tem_crypto_pstore.rb +53 -0
data/test/tem_unit/test_tem_crypto_random.rb +25 -0
data/test/tem_unit/test_tem_emit.rb +23 -0
data/test/tem_unit/test_tem_memory.rb +48 -0
data/test/tem_unit/test_tem_memory_compare.rb +65 -0
data/test/tem_unit/test_tem_output.rb +32 -0
data/test/tem_unit/test_tem_yaml_secpack.rb +47 -0
data/test/test_driver.rb +108 -0
data/test/test_exceptions.rb +35 -0
data/test/transport/test_auto_configurator.rb +114 -0
data/test/transport/test_java_card_mixin.rb +90 -0
data/test/transport/test_jcop_remote.rb +82 -0
data/timings/blank_bound_secpack.rb +18 -0
data/timings/blank_sec.rb +14 -0
data/timings/devchip_decrypt.rb +9 -0
data/timings/post_buffer.rb +10 -0
data/timings/simple_apdu.rb +5 -0
data/timings/timings.rb +64 -0
data/timings/vm_perf.rb +140 -0
data/timings/vm_perf_bound.rb +141 -0
metadata +201 -0

data/test/transport/test_jcop_remote.rb ADDED Viewed

@@ -0,0 +1,82 @@
+require 'test/unit'
+require 'rubygems'
+require 'flexmock/test_unit'
+require 'tem_ruby'
+# Tests JcopRemoteProtocol, JcopRemoteServer, and JcopRemoteTransport.
+class JcopRemoteTest < Test::Unit::TestCase
+  Protocol = Tem::Transport::JcopRemoteProtocol
+  Server = Tem::Transport::JcopRemoteServer
+  Transport = Tem::Transport::JcopRemoteTransport
+  # Serving logic that records what it receives and replays a log.
+  class Logic
+    include Protocol
+    attr_reader :received
+    def initialize(responses)
+      @responses = responses
+      @received = []
+    end
+    def connection_start
+      @received << :start
+    end
+    def connection_end
+      @received << :end
+    end
+    def exchange_apdu(apdu)
+      @received << apdu
+      @responses.shift
+    end
+  end
+  def setup
+    @server = Server.new(:ip => '127.0.0.1', :port => 51995)
+    @client = Transport.new :host => '127.0.0.1', :port => 51995
+    @old_abort_on_exception = Thread.abort_on_exception
+    Thread.abort_on_exception = true
+  end
+  def teardown
+    Thread.abort_on_exception = @old_abort_on_exception
+    @server.stop
+  end
+  def test_apdu_exchange
+    apdu_request = [0x31, 0x41, 0x59, 0x26, 0x53]
+    apdu_response = [0x27, 0x90, 0x00]
+    logic = Logic.new([apdu_response])
+    Thread.new do
+      begin
+        @server.run logic
+      rescue Exception
+        print $!, "\n"
+        print $!.backtrace.join("\n")
+        raise
+      end
+    end
+    Kernel.sleep 0.05  # Wait for the server to start up.
+    @client.connect
+    assert_equal apdu_response, @client.exchange_apdu(apdu_request)
+    @client.disconnect
+    Kernel.sleep 0.05  # Wait for the server to process the disconnect.
+    assert_equal [:start, apdu_request, :end], logic.received
+  end
+  def test_java_card_integration
+    apdu_request = [0x00, 0x31, 0x41, 0x59, 0x00]
+    apdu_response = [0x27, 0x90, 0x00]
+    logic = Logic.new([apdu_response])
+    Thread.new { @server.run logic }
+    Kernel.sleep 0.05  # Wait for the server to start up.
+    @client.connect
+    assert_equal [0x27],
+                 @client.applet_apdu!(:ins => 0x31, :p1 => 0x41, :p2 => 0x59)
+    @client.disconnect
+    Kernel.sleep 0.05  # Wait for the server to process the disconnect.
+    assert_equal [:start, apdu_request, :end], logic.received
+  end
+end

data/timings/blank_bound_secpack.rb ADDED Viewed

@@ -0,0 +1,18 @@
+class TemTimings
+  def time_blank_bound_secpack
+    secpack = @tem.assemble { |s|
+      s.ldbc 0
+      s.outnew
+      s.halt
+      s.label :secret
+      s.zeros :tem_ubyte, 50
+      s.label :plain
+      s.zeros :tem_ubyte, 220
+      s.stack 1
+    }
+    secpack.bind @tem.pubek, :secret, :plain
+    print "SECpack has #{secpack.body.length} bytes, runs 3 instructions and produces 0 bytes\n"
+    do_timing { @tem.execute secpack }
+  end
+end

data/timings/blank_sec.rb ADDED Viewed

@@ -0,0 +1,14 @@
+class TemTimings
+  def time_blank_sec
+    secpack = @tem.assemble { |s|
+      s.ldbc 0
+      s.outnew
+      s.halt
+      s.zeros :tem_ubyte, 70
+      s.stack 1
+    }
+    print "SECpack has #{secpack.body.length} bytes, runs 3 instructions and produces 0 bytes\n"
+    do_timing { @tem.execute secpack }
+  end
+end

data/timings/devchip_decrypt.rb ADDED Viewed

@@ -0,0 +1,9 @@
+class TemTimings
+  def time_devchip_decrypt
+    pubek = @tem.pubek
+    data = (1...120).map { |i| (i * i * 217 + i * 661 + 393) % 256 }
+    encrypted_data = pubek.encrypt data
+    print "Encrypted blob has #{encrypted_data.length} bytes\n"
+    do_timing { @tem.devchip_decrypt encrypted_data, 0 }
+  end
+end

data/timings/post_buffer.rb ADDED Viewed

@@ -0,0 +1,10 @@
+class TemTimings
+  def time_post_buffer
+    data = (0...490).map { |i| (39 * i * i + 91 * i + 17) % 256 }
+    p @tem.stat_buffers
+    do_timing do
+      buffer_id = @tem.post_buffer(data)
+      @tem.release_buffer buffer_id
+    end
+  end
+end

data/timings/simple_apdu.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class TemTimings
+  def time_simple_apdu
+    do_timing { @tem.get_tag_length }
+  end
+end

data/timings/timings.rb ADDED Viewed

@@ -0,0 +1,64 @@
+require 'tem_ruby'
+require 'timings/blank_bound_secpack.rb'
+require 'timings/blank_sec.rb'
+require 'timings/devchip_decrypt.rb'
+require 'timings/post_buffer.rb'
+require 'timings/simple_apdu.rb'
+require 'timings/vm_perf.rb'
+require 'timings/vm_perf_bound.rb'
+class TemTimings
+  def setup
+    @tem = Tem.auto_tem
+    @tem.kill
+    @tem.activate
+    @tem.emit
+  end
+  def teardown
+    @tem.kill
+    @tem.disconnect if @tem
+  end
+  def do_timing
+    @tem.flush_buffers
+    n = 10
+    loop do
+      timings = (0...3).map do |i|
+        t_start = Time.now
+        n.times do
+          yield
+        end
+        t_delta = Time.now - t_start
+      end
+      avg_time = timings.inject { |a,v| a + v } / timings.length
+      max_diff = timings.map { |t| (t - avg_time).abs }.max
+      print "%8d: %3.8fs per run, %3.8fs uncertainty (%2.5f%%)\n" % [n, avg_time / n, max_diff / n, 100 * max_diff / avg_time]
+      return avg_time unless max_diff / avg_time >= 0.01
+      n *= 2
+    end
+  end
+  def self.all_timings
+    timings = {}
+    t = TemTimings.new
+    t.setup
+    t.methods.select { |m| m =~ /time_/ }.each do |m|
+      print "Timing: #{m[5..-1]}...\n"
+      timings[m] = t.send m.to_sym
+    end
+    t.teardown
+    timings
+  end
+end
+if __FILE__ == $0
+  timings = TemTimings.all_timings
+  timings.map { |k, v| [k.to_s, v] }.sort.each do |timing|
+    print "#{timing.first}: #{'%.5f' % timing.last}s\n"
+  end
+end

data/timings/vm_perf.rb ADDED Viewed

@@ -0,0 +1,140 @@
+class TemTimings
+  def time_vm_perf
+    secpack = @tem.assemble { |s|
+      s.ldwc 48 * 10
+      s.outnew
+      s.ldwc 10 # number of times to loop (4 instructions in loop)
+      s.label :main_loop
+      # arithmetic (18 instructions, 10 bytes out)
+      s.ldwc 0x1234
+      s.ldwc 0x5678
+      s.dupn :n => 2
+      s.add
+      s.outw
+      s.sub
+      s.outw
+      s.ldwc 0x0155
+      s.ldwc 0x02AA
+      s.mul
+      s.outw
+      s.ldwc 0x390C
+      s.ldwc 0x00AA
+      s.dupn :n => 2
+      s.div
+      s.outw
+      s.mod
+      s.outw
+      # memory (28 instructions, 16 bytes out)
+      s.ldwc 0x55AA
+      s.stw :clobber
+      s.ldb :clobber
+      s.outw
+      s.ldw :clobber
+      s.outw
+      s.ldbc 0xA5 - (1 << 8)
+      s.stb :clobber
+      s.ldw :clobber
+      s.outw
+      s.ldwc :clobber2
+      s.dupn :n => 1
+      s.dupn :n => 2
+      s.ldwc 0x9966 - (1 << 16)
+      s.stwv
+      s.ldbv
+      s.outw
+      s.ldbc 0x98 - (1 << 8)
+      s.stbv
+      s.ldwv
+      s.outw
+      s.ldwc 0x1122
+      s.ldwc 0x3344
+      s.ldwc 0x5566
+      s.flipn :n => 3
+      s.outw
+      s.outw
+      s.outw
+      # memory comparisons (22 instructions, 16 bytes out)
+      s.ldwc :const => 6
+      s.ldwc :cmp_med
+      s.ldwc :cmp_lo
+      s.mcmpvb
+      s.outw
+      s.mcmpfxb :size => 6, :op1 => :cmp_med, :op2 => :cmp_hi
+      s.outw
+      s.ldwc :const => 4
+      s.ldwc :cmp_lo
+      s.ldwc :cmp_med
+      s.mcmpvb
+      s.outw
+      s.mcfxb :size => 6, :from => :cmp_hi, :to => :copy_buf
+      s.pop
+      s.outfxb :size => 6, :from => :copy_buf
+      s.ldwc :const => 4
+      s.ldwc :cmp_hi
+      s.ldwc :copy_buf2
+      s.mcvb
+      s.pop
+      s.outfxb :size => 4, :from => :copy_buf2
+      # jumps (30 instructions, 6 bytes) from 6 * (5 instructions, 1 byte)
+      failed = 0xFA - (1 << 8)
+      [
+        [:ja,  [1, 1, failed]],
+        [:jae, [1, 4, failed]],
+        [:jb,  [1, failed, 7]],
+        [:jbe, [1, failed, 10]],
+        [:jz,  [1, failed, 13]],
+        [:jne, [1, 16, failed]],
+      ].each do |op_line|
+        op = op_line.shift
+        op_line.each_index do |i|
+          then_label = "#{op}_l#{i}_t".to_sym
+          out_label  = "#{op}_l#{i}_o".to_sym
+          s.ldbc op_line[i][0]
+          s.send op, :to => then_label
+          s.ldbc op_line[i][2]
+          s.jmp :to => out_label
+          s.label then_label
+          s.ldbc op_line[i][1]
+          s.label out_label
+          s.outb
+        end
+      end
+      # loop back
+      s.ldbc 1
+      s.sub
+      s.dupn :n => 1
+      s.ja :to => :main_loop
+      s.label :done
+      s.halt
+      s.label :cmp_lo
+      s.data :tem_ubyte, [0xA3, 0x2C, 0x51, 0x63, 0x2C, 0x12]
+      s.label :cmp_med
+      s.data :tem_ubyte, [0xA3, 0x2C, 0x51, 0x63, 0x2D, 0x11]
+      s.label :cmp_hi
+      s.data :tem_ubyte, [0xA3, 0x2C, 0x51, 0x63, 0x2E, 0x10]
+      s.label :cmp_hi2
+      s.data :tem_ubyte, [0xA3, 0x2C, 0x51, 0x63, 0x2E, 0x10]
+      s.label :copy_buf
+      s.zeros :tem_ubyte, 6
+      s.label :copy_buf2
+      s.zeros :tem_ubyte, 4
+      s.label :clobber
+      s.zeros :tem_ubyte, 2
+      s.label :clobber2
+      s.zeros :tem_ubyte, 2
+      s.label :stack
+      s.stack 12
+    }
+    print "SECpack has #{secpack.body.length} bytes, runs 1020 instructions and produces 470 bytes\n"
+    do_timing { @tem.execute secpack }
+  end
+end

data/timings/vm_perf_bound.rb ADDED Viewed

@@ -0,0 +1,141 @@
+class TemTimings
+  def time_vm_perf_bound
+    secpack = @tem.assemble { |s|
+      s.ldwc 48 * 10
+      s.outnew
+      s.ldwc 10 # number of times to loop (4 instructions in loop)
+      s.label :main_loop
+      # arithmetic (18 instructions, 10 bytes out)
+      s.ldwc 0x1234
+      s.ldwc 0x5678
+      s.dupn :n => 2
+      s.add
+      s.outw
+      s.sub
+      s.outw
+      s.ldwc 0x0155
+      s.ldwc 0x02AA
+      s.mul
+      s.outw
+      s.ldwc 0x390C
+      s.ldwc 0x00AA
+      s.dupn :n => 2
+      s.div
+      s.outw
+      s.mod
+      s.outw
+      # memory (28 instructions, 16 bytes out)
+      s.ldwc 0x55AA
+      s.stw :clobber
+      s.ldb :clobber
+      s.outw
+      s.ldw :clobber
+      s.outw
+      s.ldbc 0xA5 - (1 << 8)
+      s.stb :clobber
+      s.ldw :clobber
+      s.outw
+      s.ldwc :clobber2
+      s.dupn :n => 1
+      s.dupn :n => 2
+      s.ldwc 0x9966 - (1 << 16)
+      s.stwv
+      s.ldbv
+      s.outw
+      s.ldbc 0x98 - (1 << 8)
+      s.stbv
+      s.ldwv
+      s.outw
+      s.ldwc 0x1122
+      s.ldwc 0x3344
+      s.ldwc 0x5566
+      s.flipn :n => 3
+      s.outw
+      s.outw
+      s.outw
+      # memory comparisons (22 instructions, 16 bytes out)
+      s.ldwc :const => 6
+      s.ldwc :cmp_med
+      s.ldwc :cmp_lo
+      s.mcmpvb
+      s.outw
+      s.mcmpfxb :size => 6, :op1 => :cmp_med, :op2 => :cmp_hi
+      s.outw
+      s.ldwc :const => 4
+      s.ldwc :cmp_lo
+      s.ldwc :cmp_med
+      s.mcmpvb
+      s.outw
+      s.mcfxb :size => 6, :from => :cmp_hi, :to => :copy_buf
+      s.pop
+      s.outfxb :size => 6, :from => :copy_buf
+      s.ldwc :const => 4
+      s.ldwc :cmp_hi
+      s.ldwc :copy_buf2
+      s.mcvb
+      s.pop
+      s.outfxb :size => 4, :from => :copy_buf2
+      # jumps (30 instructions, 6 bytes) from 6 * (5 instructions, 1 byte)
+      failed = 0xFA - (1 << 8)
+      [
+        [:ja,  [1, 1, failed]],
+        [:jae, [1, 4, failed]],
+        [:jb,  [1, failed, 7]],
+        [:jbe, [1, failed, 10]],
+        [:jz,  [1, failed, 13]],
+        [:jne, [1, 16, failed]],
+      ].each do |op_line|
+        op = op_line.shift
+        op_line.each_index do |i|
+          then_label = "#{op}_l#{i}_t".to_sym
+          out_label  = "#{op}_l#{i}_o".to_sym
+          s.ldbc op_line[i][0]
+          s.send op, :to => then_label
+          s.ldbc op_line[i][2]
+          s.jmp :to => out_label
+          s.label then_label
+          s.ldbc op_line[i][1]
+          s.label out_label
+          s.outb
+        end
+      end
+      # loop back
+      s.ldbc 1
+      s.sub
+      s.dupn :n => 1
+      s.ja :to => :main_loop
+      s.label :done
+      s.halt
+      s.label :cmp_lo
+      s.data :tem_ubyte, [0xA3, 0x2C, 0x51, 0x63, 0x2C, 0x12]
+      s.label :cmp_med
+      s.data :tem_ubyte, [0xA3, 0x2C, 0x51, 0x63, 0x2D, 0x11]
+      s.label :cmp_hi
+      s.data :tem_ubyte, [0xA3, 0x2C, 0x51, 0x63, 0x2E, 0x10]
+      s.label :cmp_hi2
+      s.data :tem_ubyte, [0xA3, 0x2C, 0x51, 0x63, 0x2E, 0x10]
+      s.label :copy_buf
+      s.zeros :tem_ubyte, 6
+      s.label :copy_buf2
+      s.zeros :tem_ubyte, 4
+      s.label :clobber
+      s.zeros :tem_ubyte, 2
+      s.label :clobber2
+      s.zeros :tem_ubyte, 2
+      s.label :stack
+      s.stack 12
+    }
+    secpack.bind @tem.pubek, :done, :stack
+    print "SECpack has #{secpack.body.length} bytes, runs 1020 instructions and produces 470 bytes\n"
+    do_timing { @tem.execute secpack }
+  end
+end