costan-tem_ruby 0.10.2

data/test/tem_unit/test_tem_memory_compare.rb

@@ -0,0 +1,65 @@
+require 'test/tem_test_case'
+
+module TemMemoryCompareTestCase
+  # This is also called from TemYamlSecpackTest.  
+  def _test_memory_copy_compare(yaml_roundtrip = false)    
+    sec = @tem.assemble { |s|
+      s.ldwc :const => 16
+      s.outnew
+      s.ldwc :const => 6
+      s.ldwc :cmp_med
+      s.ldwc :cmp_lo
+      s.mcmpvb
+      s.outw
+      s.mcmpfxb :size => 6, :op1 => :cmp_med, :op2 => :cmp_hi
+      s.outw
+      s.ldwc :const => 4
+      s.ldwc :cmp_lo
+      s.ldwc :cmp_med
+      s.mcmpvb
+      s.outw      
+      
+      s.mcfxb :size => 6, :from => :cmp_hi, :to => :copy_buf
+      s.pop
+      s.outfxb :size => 6, :from => :copy_buf      
+      s.ldwc :const => 4
+      s.ldwc :cmp_hi
+      s.ldwc :copy_buf2
+      s.mcvb
+      s.pop      
+      s.outfxb :size => 4, :from => :copy_buf2            
+    
+      s.halt
+      s.label :cmp_lo
+      s.data :tem_ubyte, [0xA3, 0x2C, 0x51, 0x63, 0x2C, 0x12]
+      s.label :cmp_med
+      s.data :tem_ubyte, [0xA3, 0x2C, 0x51, 0x63, 0x2D, 0x11]
+      s.label :cmp_hi
+      s.data :tem_ubyte, [0xA3, 0x2C, 0x51, 0x63, 0x2E, 0x10]
+      s.label :cmp_hi2
+      s.data :tem_ubyte, [0xA3, 0x2C, 0x51, 0x63, 0x2E, 0x10]
+      s.label :copy_buf
+      s.zeros :tem_ubyte, 6
+      s.label :copy_buf2
+      s.zeros :tem_ubyte, 4
+      s.stack 5
+    }
+
+    if yaml_roundtrip
+      # same test, except the SECpack is serialized/deserialized
+      yaml_sec = sec.to_yaml_str
+      sec = Tem::SecPack.new_from_yaml_str(yaml_sec)
+    end
+    result = @tem.execute sec
+    assert_equal [0x00, 0x01, 0xFF, 0xFF, 0x00, 0x00, 0xA3, 0x2C, 0x51, 0x63,
+                  0x2E, 0x10, 0xA3, 0x2C, 0x51, 0x63],
+                 result, 'memory copy/compare isn\'t working well'        
+  end  
+end
+
+class TemMemoryCompareTest < TemTestCase
+  include TemMemoryCompareTestCase
+  def test_memory_copy_compare
+    _test_memory_copy_compare false
+  end
+end

data/test/tem_unit/test_tem_output.rb

@@ -0,0 +1,32 @@
+require 'test/tem_test_case'
+
+class TemOutputTest < TemTestCase
+  def test_output
+    sec = @tem.assemble { |s|
+      s.ldbc 32
+      s.outnew
+      s.outfxb :size => 3, :from => :area1
+      s.ldbc 5
+      s.outvlb :from => :area2
+      s.ldbc 4
+      s.ldwc :area3
+      s.outvb
+      s.ldwc 0x99AA - (1 << 16)
+      s.ldwc 0xFA55 - (1 << 16)
+      s.outb
+      s.outw        
+      s.halt
+      s.label :area1
+      s.data :tem_ubyte, [0xFE, 0xCD, 0x9A]
+      s.label :area2
+      s.data :tem_ubyte, [0xAB, 0x95, 0xCE, 0xFD, 0x81]
+      s.label :area3
+      s.data :tem_ubyte, [0xEC, 0xDE, 0xAD, 0xCF]
+      s.stack 5
+    }
+    result = @tem.execute sec
+    assert_equal [0xFE, 0xCD, 0x9A, 0xAB, 0x95, 0xCE, 0xFD, 0x81, 0xEC, 0xDE,
+                  0xAD, 0xCF, 0x55, 0x99, 0xAA],
+                 result, 'the output unit isn\'t working well'    
+  end
+end

data/test/tem_unit/test_tem_yaml_secpack.rb

@@ -0,0 +1,47 @@
+require 'test/tem_test_case'
+
+require 'test/tem_unit/test_tem_bound_secpack'
+require 'test/tem_unit/test_tem_memory_compare'
+
+class TemOutputTest < TemTestCase
+  include TemBoundSecpackTestCase
+  include TemMemoryCompareTestCase
+  
+  
+  def test_yaml_secpack
+    # simple test to ensure that the body is preserved
+    sec = @tem.assemble { |s|
+      s.ldbc 10
+      s.outnew
+      s.ldwc 0x1234
+      s.ldwc 0x5678
+      s.dupn :n => 2
+      s.add
+      s.outw
+      s.sub
+      s.outw
+      s.ldwc 0x0155
+      s.ldwc 0x02AA
+      s.mul
+      s.outw
+      s.ldwc 0x390C
+      s.ldwc 0x00AA
+      s.dupn :n => 2
+      s.div
+      s.outw
+      s.mod
+      s.outw
+      s.halt
+      s.stack 5
+    }
+    yaml_sec = sec.to_yaml_str
+    sec2 = Tem::SecPack.new_from_yaml_str(yaml_sec)
+    assert_equal sec.body, sec2.body,
+                 'SECpack body corrupted during serialization'
+    
+    # re-run the memory test (reasonably large SECpack) to ensure that de-serialized SECpacks are equivalent to the originals
+    _test_memory_copy_compare true
+    # re-run the memory test (reasonably large SECpack) to ensure that serialization works on bound SECpacks
+    _test_bound_secpack true
+  end  
+end

data/test/test_driver.rb

@@ -0,0 +1,108 @@
+require 'test/tem_test_case'
+
+class DriverTest < TemTestCase
+  def test_buffers_io
+    garbage = (1...569).map { |i| (i * i * 217 + i * 661 + 393) % 256 }
+    
+    bid = @tem.post_buffer garbage
+    assert_equal garbage.length, @tem.get_buffer_length(bid), 'error in posted buffer length'
+    assert_equal garbage, @tem.read_buffer(bid), 'error in posted buffer data' 
+  
+    garbage.reverse!
+    @tem.write_buffer bid, garbage
+    assert_equal garbage, @tem.read_buffer(bid), 'error in (reverted) posted buffer data'
+    @tem.release_buffer bid
+    
+    @tem.post_buffer [1]
+    @tem.post_buffer [2]
+    @tem.flush_buffers
+    assert_equal 0, @tem.stat_buffers[:buffers].reject { |b| b[:free] }.length, 'flush_buffers left allocated buffers'
+  end
+  
+  def test_buffers_alloc
+    b_lengths = [569, 231, 455, 18, 499, 332, 47]
+    b_ids = b_lengths.map { |len| @tem.alloc_buffer(len) }
+    bstat = @tem.stat_buffers
+    
+    assert bstat[:free], 'buffer stat does not contain free memory information'
+    assert bstat[:free][:persistent].kind_of?(Numeric), 'buffer stat does not show free persistent memory'
+    assert bstat[:free][:persistent] >= 0, 'buffer stat shows negative free persistent memory'
+    assert bstat[:free][:clear_on_reset].kind_of?(Numeric), 'buffer stat does not show free clear_on_reset memory'
+    assert bstat[:free][:clear_on_reset] >= 0, 'buffer stat shows negative free clear_on_reset memory'
+    assert bstat[:free][:clear_on_deselect].kind_of?(Numeric), 'buffer stat does not show free clear_on_deselect memory'
+    assert bstat[:free][:clear_on_deselect] >= 0, 'buffer stat shows negative free clear_on_deselect memory'
+
+    b_lengths.each_index do |i|
+      assert bstat[:buffers][b_ids[i]], "buffer stat does not show an entry for a #{b_lengths[i]}-bytes buffer" 
+      assert bstat[:buffers][b_ids[i]][:type].kind_of?(Symbol), "buffer stat does not show the memory type for a #{b_lengths[i]}-bytes buffer" 
+      assert_equal b_lengths[i], bstat[:buffers][b_ids[i]][:length], "bad length in buffer stat entry for a #{b_lengths[i]}-bytes buffer" 
+      assert_equal false, bstat[:buffers][b_ids[i]][:pinned], "bad pinned flag in buffer stat entry for a #{b_lengths[i]}-bytes buffer" 
+    end
+
+    b_ids.each { |bid| @tem.release_buffer(bid) }
+  end
+  
+  def test_tag
+    garbage = (1...569).map { |i| (i * i * 217 + i * 661 + 393) % 256 }
+    
+    assert_raise(RuntimeError, 'tag returned before being set') { @tem.get_tag }
+    
+    @tem.set_tag(garbage)
+    assert_equal garbage, @tem.get_tag[2..-1], 'error in posted tag data'
+    
+    fwver = @tem.tk_firmware_ver
+    assert fwver[:major].kind_of?(Numeric) && fwver[:minor].kind_of?(Numeric), 'error in tag-backed firmware version'
+  end
+
+  def test_crypto
+    garbage = (1...415).map { |i| (i * i * 217 + i * 661 + 393) % 256 } 
+    key_pair = @tem.devchip_generate_key_pair
+    pubkey = @tem.devchip_save_key key_pair[:pubkey_id]
+    
+    encrypted_garbage = @tem.devchip_encrypt garbage, key_pair[:privkey_id]
+    decrypted_garbage = pubkey.decrypt encrypted_garbage
+    assert_equal garbage, decrypted_garbage, 'priv-encryption+pub-decryption messed up the data' 
+  
+    encrypted_garbage = pubkey.encrypt garbage
+    decrypted_garbage = @tem.devchip_decrypt encrypted_garbage, key_pair[:privkey_id]  
+    assert_equal garbage, decrypted_garbage, 'pub-encryption+priv-decryption messed up the data'
+    
+    key_stat = @tem.stat_keys
+    assert key_stat[:keys], 'key stat does not contain key information'
+    assert_equal :public, key_stat[:keys][key_pair[:pubkey_id]][:type], 'key stat reports wrong type for public key'
+    assert_equal :private, key_stat[:keys][key_pair[:privkey_id]][:type], 'key stat reports wrong type for private key'
+    assert_in_delta 2, 2048, key_stat[:keys][key_pair[:pubkey_id]][:bits], 'key stat reports wrong size for public key'
+    assert_in_delta 2, 2048, key_stat[:keys][key_pair[:privkey_id]][:bits], 'key stat reports wrong size for private key'
+    
+    [:pubkey_id, :privkey_id].each { |ki| @tem.devchip_release_key key_pair[ki] }
+  end
+  
+  def test_crypto_abi
+    ekey = OpenSSL::PKey::RSA.generate(2048, 65537)
+    pubk = Tem::Key.new_from_ssl_key ekey.public_key
+    privk = Tem::Key.new_from_ssl_key ekey
+    
+    # array and string encryption/decryption
+    garbage = (1...569).map { |i| (i * i * 217 + i * 661 + 393) % 256 }
+    [garbage, garbage.pack('C*')].each do |g|
+      encrypted_garbage = pubk.encrypt g
+      decrypted_garbage = privk.decrypt encrypted_garbage
+      assert_equal g, decrypted_garbage, 'pub-encryption+priv-decryption messed up the data'
+      encrypted_garbage = privk.encrypt g
+      decrypted_garbage = pubk.decrypt encrypted_garbage
+      assert_equal g, decrypted_garbage, 'priv-encryption+pub-decryption messed up the data'
+    end
+    
+    # test key serialization/deserialization through encryption/decryption
+    pubk_ys = pubk.to_yaml_str
+    pubk2 = Tem::Keys::Asymmetric.new_from_yaml_str(pubk_ys)
+    privk_ys = privk.to_yaml_str
+    privk2 = Tem::Keys::Asymmetric.new_from_yaml_str(privk_ys)
+    encrypted_garbage = pubk.encrypt garbage
+    decrypted_garbage = privk2.decrypt encrypted_garbage
+    assert_equal garbage, decrypted_garbage, 'pub-encryption+priv-decryption messed up the data'
+    encrypted_garbage = privk.encrypt garbage
+    decrypted_garbage = pubk2.decrypt encrypted_garbage
+    assert_equal garbage, decrypted_garbage, 'priv-encryption+pub-decryption messed up the data'
+  end
+end

data/test/test_exceptions.rb

@@ -0,0 +1,35 @@
+require 'test/tem_test_case'
+
+class ExceptionsTest < TemTestCase
+  def test_trace
+    # test the exception handling mechanism
+    bad_sec = @tem.assemble { |s|
+      s.ldbc 2
+      s.outnew
+      s.ldbc 6
+      s.outw
+      # this exceeds the address space, so it should make the TEM die
+      s.ldwc 0x7fff
+      s.ldbv 
+      s.label :bad_code 
+      s.halt
+      s.label :stack
+      s.stack 5
+    }
+    assert_raise(Tem::SecExecError) { @tem.execute bad_sec }
+
+    caught = false
+    begin
+      @tem.execute bad_sec
+    rescue Tem::SecExecError => e
+      caught = true
+      assert_equal Hash, e.trace.class, "TEM exception does not have a TEM trace"
+      assert_equal 2, e.trace[:out], "Bad output buffer position in TEM trace"
+      assert_equal bad_sec.label_address(:bad_code), e.trace[:ip], "Bad instruction pointer in TEM trace"
+      assert_equal bad_sec.label_address(:stack), e.trace[:sp], "Bad instruction pointer in TEM trace"
+      assert_equal Hash, e.buffer_state.class, "TEM exception does not have buffer state information"
+      assert_equal Hash, e.key_state.class, "TEM exception does not have key state information"
+    end
+    assert caught, "Executing a bad SECpack did not raise a SecExecError"
+  end  
+end

data/test/transport/test_auto_configurator.rb

@@ -0,0 +1,114 @@
+require 'test/unit'
+
+require 'rubygems'
+require 'flexmock/test_unit'
+
+require 'tem_ruby'
+
+class AutoConfiguratorTest < Test::Unit::TestCase
+  AutoConfigurator = Tem::Transport::AutoConfigurator
+  PcscTransport = Tem::Transport::PcscTransport
+  JcopRemoteTransport = Tem::Transport::JcopRemoteTransport
+    
+  def setup
+    @env_var = AutoConfigurator::ENVIRONMENT_VARIABLE_NAME 
+  end
+
+  def test_env_configuration_blank
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return(nil)
+    assert_equal nil, AutoConfigurator.env_configuration
+  end
+  def test_env_configuration_remote_port
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return(':6996')
+    conf = AutoConfigurator.env_configuration
+    assert_equal JcopRemoteTransport, conf[:class]
+    assert_equal({:host => '127.0.0.1', :port => 6996}, conf[:opts])
+  end  
+  def test_env_configuration_remote_noport
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return(':')
+    conf = AutoConfigurator.env_configuration
+    assert_equal JcopRemoteTransport, conf[:class]
+    assert_equal({:host => '127.0.0.1', :port => 8050}, conf[:opts])
+  end
+  def test_env_configuration_remote_host_port
+    flexmock(ENV).should_receive(:[]).with(@env_var).
+                  and_return('@moonstone:6996')
+    conf = AutoConfigurator.env_configuration
+    assert_equal JcopRemoteTransport, conf[:class]
+    assert_equal({:host => 'moonstone', :port => 6996}, conf[:opts])
+  end
+  def test_env_configuration_remote_host_noport    
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return('@moonstone')
+    conf = AutoConfigurator.env_configuration
+    assert_equal JcopRemoteTransport, conf[:class]
+    assert_equal({:host => 'moonstone', :port => 8050}, conf[:opts])
+  end
+  def test_env_configuration_remote_ipv6_port
+    flexmock(ENV).should_receive(:[]).with(@env_var).
+                  and_return('@ff80::0080:6996')
+    conf = AutoConfigurator.env_configuration
+    assert_equal JcopRemoteTransport, conf[:class]
+    assert_equal({:host => 'ff80::0080', :port => 6996}, conf[:opts])
+  end
+  def test_env_configuration_remote_ipv6_noport
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return('@ff80::0080:')
+    conf = AutoConfigurator.env_configuration
+    assert_equal JcopRemoteTransport, conf[:class]
+    assert_equal({:host => 'ff80::0080', :port => 8050}, conf[:opts])
+  end
+
+  def test_env_configuration_pcsc_reader_index
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return('#1')
+    conf = AutoConfigurator.env_configuration
+    assert_equal PcscTransport, conf[:class]
+    assert_equal({:reader_index => 0}, conf[:opts])
+  end
+  def test_env_configuration_pcsc_reader_name
+    reader_name = 'Awesome Reader'
+    flexmock(ENV).should_receive(:[]).with(@env_var).
+                and_return(reader_name)
+    conf = AutoConfigurator.env_configuration
+    assert_equal PcscTransport, conf[:class]
+    assert_equal({:reader_name => reader_name}, conf[:opts])
+  end
+  
+  def test_try_transport
+    transport = Object.new
+    flexmock(PcscTransport).should_receive(:new).with(:reader_index => 1).
+                            and_return(transport)
+    flexmock(transport).should_receive(:connect)
+    flexmock(PcscTransport).should_receive(:new).with(:reader_index => 2).
+                            and_raise('Boom headshot')
+    failport = Object.new
+    flexmock(PcscTransport).should_receive(:new).with(:reader_index => 3).
+                            and_return(failport)    
+    flexmock(failport).should_receive(:connect).and_raise('Lag')
+    
+    config = { :class => PcscTransport, :opts => {:reader_index => 1} }
+    assert_equal transport, AutoConfigurator.try_transport(config)
+    config = { :class => PcscTransport, :opts => {:reader_index => 2} }
+    assert_equal nil, AutoConfigurator.try_transport(config)
+    config = { :class => PcscTransport, :opts => {:reader_index => 3} }
+    assert_equal nil, AutoConfigurator.try_transport(config)
+  end
+  
+  def test_auto_transport_uses_env
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return('#1')
+    transport = Object.new
+    flexmock(PcscTransport).should_receive(:new).with(:reader_index => 0).
+                            and_return(transport)
+    flexmock(transport).should_receive(:connect)
+    
+    assert_equal transport, AutoConfigurator.auto_transport
+  end
+  
+  def test_auto_transport_with_defaults
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return(nil)
+    transport = Object.new
+    flexmock(JcopRemoteTransport).should_receive(:new).and_return(nil)
+    flexmock(PcscTransport).should_receive(:new).and_return(transport)
+    flexmock(transport).should_receive(:connect)    
+        
+    assert_equal transport, AutoConfigurator.auto_transport
+  end
+end

data/test/transport/test_java_card_mixin.rb

@@ -0,0 +1,90 @@
+require 'test/unit'
+
+require 'rubygems'
+require 'flexmock/test_unit'
+
+require 'tem_ruby'
+
+class JavaCardMixinTest < Test::Unit::TestCase
+  JavaCardMixin = Tem::Transport::JavaCardMixin
+  
+  # The sole purpose of this class is wrapping the mixin under test.
+  class MixinWrapper
+    include JavaCardMixin
+  end
+  
+  def setup
+  end
+
+  def test_serialize_apdu
+    s = lambda { |apdu| JavaCardMixin.serialize_apdu apdu }
+
+    assert_equal [0x00, 0x05, 0x00, 0x00, 0x00], s[:ins => 0x05],
+                 'Specified INS'
+    assert_equal [0x00, 0x09, 0x00, 0x01, 0x00], s[:ins => 0x09, :p2 => 0x01],
+                 'Specified INS and P2'
+    assert_equal [0x00, 0xF9, 0xAC, 0xEF, 0x00],
+                 s[:ins => 0xF9, :p1 => 0xAC, :p2 => 0xEF],
+                 'Specified INS, P1, P2'
+    assert_equal [0x00, 0xFA, 0xAD, 0xEC, 0x00],
+                 s[:ins => 0xFA, :p12 => [0xAD, 0xEC]],
+                 'Specified INS, P1+P2'
+    assert_equal [0x00, 0x0E, 0x00, 0x00, 0x04, 0x33, 0x95, 0x81, 0x63],
+                 s[:ins => 0x0E, :data => [0x33, 0x95, 0x81, 0x63]],
+                 'Specified INS and DATA'
+    assert_equal [0x80, 0x0F, 0xBA, 0xBE, 0x03, 0x31, 0x41, 0x59],
+                 s[:cla => 0x80, :ins => 0x0F, :p1 => 0xBA, :p2 => 0xBE,
+                   :data => [0x31, 0x41, 0x59]],
+                 'Specified everything'
+    assert_raise(RuntimeError, 'Did not specify INS') do
+      s[:cla => 0x80, :p1 => 0xBA, :p2 => 0xBE, :data => [0x31, 0x41, 0x59]]
+    end
+  end
+  
+  def test_deserialize_response
+    d = lambda { |response| JavaCardMixin.deserialize_response response }
+    
+    assert_equal({ :status => 0x9000, :data => [] }, d[[0x90, 0x00]])
+    assert_equal({ :status => 0x8631, :data => [] }, d[[0x86, 0x31]])
+    assert_equal({ :status => 0x9000, :data => [0x31, 0x41, 0x59, 0x26] },
+                 d[[0x31, 0x41, 0x59, 0x26, 0x90, 0x00]])
+    assert_equal({ :status => 0x7395, :data => [0x31, 0x41, 0x59, 0x26] },
+                 d[[0x31, 0x41, 0x59, 0x26, 0x73, 0x95]])
+  end
+  
+  def win_mock
+    mock = MixinWrapper.new
+    flexmock(mock).should_receive(:exchange_apdu).
+                   with([0x00, 0xF9, 0xAC, 0x00, 0x02, 0x31, 0x41]).
+                   and_return([0x67, 0x31, 0x90, 0x00])
+    mock
+  end  
+  def win_apdu
+    {:ins => 0xF9, :p1 => 0xAC, :data => [0x31, 0x41]}
+  end
+  
+  def lose_mock
+    mock = MixinWrapper.new
+    flexmock(mock).should_receive(:exchange_apdu).
+                   with([0x00, 0xF9, 0xAC, 0x00, 0x02, 0x31, 0x41]).
+                   and_return([0x86, 0x31])
+    mock
+  end  
+  def lose_apdu
+    win_apdu
+  end
+
+  def test_applet_apdu
+    assert_equal({:status => 0x9000, :data => [0x67, 0x31]},
+                 win_mock.applet_apdu(win_apdu))
+    assert_equal({:status => 0x8631, :data => []},
+                 lose_mock.applet_apdu(lose_apdu))
+  end
+  
+  def test_applet_apdu_bang
+    assert_equal [0x67, 0x31], win_mock.applet_apdu!(win_apdu)
+    assert_raise(RuntimeError) do
+      lose_mock.applet_apdu!(lose_apdu)
+    end
+  end
+end