pkcs11 0.1.0-x86-mswin32 → 0.2.0-x86-mswin32

data/ext/pk11.c

@@ -6,28 +6,36 @@
   #include <dlfcn.h>
 #endif
 
-static const char *VERSION = "0.1.0";
+static const char *VERSION = "0.2.0";
 
 static ID sNEW;
 static VALUE mPKCS11;
 static VALUE cPKCS11;
 static VALUE ePKCS11Error;
 
+static VALUE cCStruct;
 static VALUE cCK_ATTRIBUTE;
 static VALUE cCK_C_INITIALIZE_ARGS;
+static VALUE aCK_C_INITIALIZE_ARGS_members;
 static VALUE cCK_INFO;
+static VALUE aCK_INFO_members;
 static VALUE cCK_TOKEN_INFO;
+static VALUE aCK_TOKEN_INFO_members;
 static VALUE cCK_SLOT_INFO;
+static VALUE aCK_SLOT_INFO_members;
 static VALUE cCK_MECHANISM_INFO;
+static VALUE aCK_MECHANISM_INFO_members;
 static VALUE cCK_SESSION_INFO;
+static VALUE aCK_SESSION_INFO_members;
 static VALUE cCK_MECHANISM;
+static VALUE aCK_MECHANISM_members;
 
 #define HANDLE2NUM(n) ULONG2NUM(n)
 #define NUM2HANDLE(n) PKNUM2ULONG(n)
 #define PKNUM2ULONG(n) pkcs11_num2ulong(n)
 #define pkcs11_new_struct(klass) rb_funcall(klass, sNEW, 0)
 
-VALUE pkcs11_return_value_to_name(CK_RV);
+VALUE pkcs11_return_value_to_class(CK_RV, VALUE);
 
 static VALUE
 pkcs11_num2ulong(VALUE val)
@@ -41,9 +49,9 @@ pkcs11_num2ulong(VALUE val)
 static void
 pkcs11_raise(CK_RV rv)
 {
-  VALUE message;
-  message = pkcs11_return_value_to_name(rv);
-  rb_raise(ePKCS11Error, "%s", RSTRING_PTR(message));
+  VALUE class;
+  class = pkcs11_return_value_to_class(rv, ePKCS11Error);
+  rb_raise(class, "%li", rv);
 }
 
 ///////////////////////////////////////
@@ -56,16 +64,31 @@ typedef struct {
 #define GetFunction(obj, name, sval) \
 { \
   pkcs11_ctx *ctx; \
-  Data_Get_Struct(self, pkcs11_ctx, ctx); \
-  if (!ctx->functions) rb_raise(ePKCS11Error, "library already closed"); \
+  Data_Get_Struct(obj, pkcs11_ctx, ctx); \
+  if (!ctx->functions) rb_raise(ePKCS11Error, "no function list"); \
   sval = (CK_##name)ctx->functions->name; \
   if (!sval) rb_raise(ePKCS11Error, #name " is not supported."); \
-} while(0)
+}
+
+#ifdef HAVE_RB_THREAD_BLOCKING_REGION
+  #define CallFunction(name, func, rv, ...) \
+  { \
+    struct tbr_##name##_params params = { \
+      func, {__VA_ARGS__}, CKR_FUNCTION_FAILED \
+    }; \
+    rb_thread_blocking_region(tbf_##name, &params, RUBY_UBF_PROCESS, 0); \
+    rv = params.retval; \
+  }
+
+#else
+  #define CallFunction(name, func, rv, ...) \
+    rv = func(__VA_ARGS__)
+
+#endif
 
 static void
 pkcs11_ctx_unload_library(pkcs11_ctx *ctx)
 {
-  if(ctx->functions) ctx->functions->C_Finalize(NULL_PTR);
 #ifdef compile_for_windows
   if(ctx->module) FreeLibrary(ctx->module);
 #else
@@ -78,18 +101,43 @@ pkcs11_ctx_unload_library(pkcs11_ctx *ctx)
 static void
 pkcs11_ctx_free(pkcs11_ctx *ctx)
 {
+  if(ctx->functions) ctx->functions->C_Finalize(NULL_PTR);
   pkcs11_ctx_unload_library(ctx);
   free(ctx);
 }
 
+/* rb_define_method(cPKCS11, "C_Finalize", pkcs11_C_Finalize, 0); */
+/*
+ * Is called to indicate that an application is finished with the Cryptoki library.
+ * @see PKCS11::Library#close
+ */
 static VALUE
 pkcs11_C_Finalize(VALUE self)
+{
+  CK_C_Finalize func;
+  CK_RV rv;
+
+  GetFunction(self, C_Finalize, func);
+  CallFunction(C_Finalize, func, rv, NULL_PTR);
+  if (rv != CKR_OK) pkcs11_raise(rv);
+
+  return self;
+}
+
+/* rb_define_method(cPKCS11, "unload_library", pkcs11_unload_library, 0); */
+/*
+ * Unloads the Cryptoki library from process memory.
+ * @see PKCS11::Library#close
+ */
+static VALUE
+pkcs11_unload_library(VALUE self)
 {
   pkcs11_ctx *ctx;
-  
+
   Data_Get_Struct(self, pkcs11_ctx, ctx);
   pkcs11_ctx_unload_library(ctx);
-  return Qnil;
+
+  return self;
 }
 
 static VALUE
@@ -107,26 +155,18 @@ pkcs11_library_new(int argc, VALUE *argv, VALUE self)
   return rb_funcall2(cPKCS11, sNEW, argc, argv);
 }
 
-static VALUE 
-pkcs11_initialize(int argc, VALUE *argv, VALUE self)
+/* rb_define_method(cPKCS11, "load_library", pkcs11_load_library, 0); */
+/*
+ * Load a Cryptoki library into process memory.
+ * @see PKCS11::Library#initialize
+ */
+static VALUE
+pkcs11_load_library(VALUE self, VALUE path)
 {
-  VALUE path, init_args;
-  pkcs11_ctx *ctx;
   const char *so_path;
-  CK_C_GetFunctionList func;
-  CK_C_INITIALIZE_ARGS *args;
-  CK_RV rv;
+  pkcs11_ctx *ctx;
 
-  rb_scan_args(argc, argv, "11", &path, &init_args);
   so_path = StringValuePtr(path);
-  if (NIL_P(init_args)) args = NULL_PTR;
-  else {
-    if (!rb_obj_is_kind_of(init_args, cCK_C_INITIALIZE_ARGS))
-      rb_raise(rb_eArgError, "2nd arg must be a PKCS11::CK_C_INITIALIZE_ARGS");
-    args = DATA_PTR(init_args);
-  }
-  args = NIL_P(init_args) ? NULL_PTR : DATA_PTR(init_args);
-
   Data_Get_Struct(self, pkcs11_ctx, ctx);
 #ifdef compile_for_windows
   if((ctx->module = LoadLibrary(so_path)) == NULL) {
@@ -136,6 +176,31 @@ pkcs11_initialize(int argc, VALUE *argv, VALUE self)
                 (LPTSTR)&error_text, sizeof(error_text), NULL);
     rb_raise(ePKCS11Error, error_text);
   }
+#else
+  if((ctx->module = dlopen(so_path, RTLD_NOW)) == NULL) {
+    rb_raise(ePKCS11Error, "%s", dlerror());
+  }
+#endif
+
+  return self;
+}
+
+/* rb_define_method(cPKCS11, "C_GetFunctionList", pkcs11_C_GetFunctionList, 0); */
+/*
+ * Obtains a pointer to the Cryptoki library's list of function pointers. The pointer
+ * is stored in the {PKCS11::Library} object and used to call any Cryptoki functions.
+ *
+ * @see PKCS11::Library#initialize
+ */
+static VALUE
+pkcs11_C_GetFunctionList(VALUE self)
+{
+  pkcs11_ctx *ctx;
+  CK_RV rv;
+  CK_C_GetFunctionList func;
+
+  Data_Get_Struct(self, pkcs11_ctx, ctx);
+#ifdef compile_for_windows
   func = (CK_C_GetFunctionList)GetProcAddress(ctx->module, "C_GetFunctionList");
   if(!func){
     char error_text[999] = "GetProcAddress() error";
@@ -145,14 +210,52 @@ pkcs11_initialize(int argc, VALUE *argv, VALUE self)
     rb_raise(ePKCS11Error, error_text);
   }
 #else
-  if((ctx->module = dlopen(so_path, RTLD_NOW)) == NULL) {
-    rb_raise(ePKCS11Error, "%s", dlerror());
-  }
   func = (CK_C_GetFunctionList)dlsym(ctx->module, "C_GetFunctionList");
   if(!func) rb_raise(ePKCS11Error, "%s", dlerror());
 #endif
-  if((rv = func(&(ctx->functions))) != CKR_OK) pkcs11_raise(rv);
-  if ((rv = ctx->functions->C_Initialize(args)) != CKR_OK) pkcs11_raise(rv);
+  CallFunction(C_GetFunctionList, func, rv, &(ctx->functions));
+  if (rv != CKR_OK) pkcs11_raise(rv);
+
+  return self;
+}
+
+/* rb_define_method(cPKCS11, "C_Initialize", pkcs11_C_Initialize, 0); */
+/*
+ * Initializes the Cryptoki library.
+ */
+static VALUE
+pkcs11_C_Initialize(int argc, VALUE *argv, VALUE self)
+{
+  VALUE init_args;
+  CK_C_Initialize func;
+  CK_C_INITIALIZE_ARGS *args;
+  CK_RV rv;
+
+  rb_scan_args(argc, argv, "01", &init_args);
+  if (NIL_P(init_args)) args = NULL_PTR;
+  else {
+    if (!rb_obj_is_kind_of(init_args, cCK_C_INITIALIZE_ARGS))
+      rb_raise(rb_eArgError, "2nd arg must be a PKCS11::CK_C_INITIALIZE_ARGS");
+    args = DATA_PTR(init_args);
+  }
+  GetFunction(self, C_Initialize, func);
+  CallFunction(C_Initialize, func, rv, args);
+  if (rv != CKR_OK) pkcs11_raise(rv);
+
+  return self;
+}
+
+static VALUE
+pkcs11_initialize(int argc, VALUE *argv, VALUE self)
+{
+  VALUE path, init_args;
+
+  rb_scan_args(argc, argv, "02", &path, &init_args);
+  if( !NIL_P(path) ){
+    pkcs11_load_library(self, path);
+    pkcs11_C_GetFunctionList(self);
+    pkcs11_C_Initialize(1, &init_args, self);
+  }
 
   return self;
 }
@@ -166,7 +269,7 @@ pkcs11_C_GetInfo(VALUE self)
 
   GetFunction(self, C_GetInfo, func);
   info = pkcs11_new_struct(cCK_INFO);
-  rv = func((CK_INFO_PTR)DATA_PTR(info));
+  CallFunction(C_GetInfo, func, rv, (CK_INFO_PTR)DATA_PTR(info));
   if (rv != CKR_OK) pkcs11_raise(rv);
 
   return info;
@@ -179,14 +282,14 @@ pkcs11_C_GetSlotList(VALUE self, VALUE presented)
   CK_SLOT_ID_PTR pSlotList;
   CK_RV rv;
   CK_C_GetSlotList func;
-  int i;
+  CK_ULONG i;
   VALUE ary = rb_ary_new();
 
   GetFunction(self, C_GetSlotList, func);
-  rv = func(CK_FALSE, NULL_PTR, &ulSlotCount);
+  CallFunction(C_GetSlotList, func, rv, CK_FALSE, NULL_PTR, &ulSlotCount);
   if (rv != CKR_OK) pkcs11_raise(rv);
   pSlotList = (CK_SLOT_ID_PTR)malloc(ulSlotCount*sizeof(CK_SLOT_ID));
-  rv = func(RTEST(presented) ? CK_TRUE : CK_FALSE, pSlotList, &ulSlotCount);
+  CallFunction(C_GetSlotList, func, rv, RTEST(presented) ? CK_TRUE : CK_FALSE, pSlotList, &ulSlotCount);
   if (rv != CKR_OK) {
     free(pSlotList);
     pkcs11_raise(rv);
@@ -207,7 +310,7 @@ pkcs11_C_GetSlotInfo(VALUE self, VALUE slot_id)
 
   GetFunction(self, C_GetSlotInfo, func);
   info = pkcs11_new_struct(cCK_SLOT_INFO);
-  rv = func(NUM2HANDLE(slot_id), DATA_PTR(info));
+  CallFunction(C_GetSlotInfo, func, rv, NUM2HANDLE(slot_id), DATA_PTR(info));
   if (rv != CKR_OK) pkcs11_raise(rv);
 
   return info;
@@ -222,7 +325,7 @@ pkcs11_C_GetTokenInfo(VALUE self, VALUE slot_id)
 
   GetFunction(self, C_GetTokenInfo, func);
   info = pkcs11_new_struct(cCK_TOKEN_INFO);
-  rv = func(NUM2HANDLE(slot_id), DATA_PTR(info));
+  CallFunction(C_GetTokenInfo, func, rv, NUM2HANDLE(slot_id), DATA_PTR(info));
   if (rv != CKR_OK) pkcs11_raise(rv);
 
   return info;
@@ -236,17 +339,17 @@ pkcs11_C_GetMechanismList(VALUE self, VALUE slot_id)
   CK_MECHANISM_TYPE_PTR types;
   CK_ULONG count;
   VALUE ary;
-  int i;
+  CK_ULONG i;
 
   ary = rb_ary_new();
   GetFunction(self, C_GetMechanismList, func);
-  rv = func(NUM2HANDLE(slot_id), NULL_PTR, &count);
+  CallFunction(C_GetMechanismList, func, rv, NUM2HANDLE(slot_id), NULL_PTR, &count);
   if (rv != CKR_OK) pkcs11_raise(rv);
   if (count == 0) return ary;
 
   types = (CK_MECHANISM_TYPE_PTR)malloc(sizeof(CK_MECHANISM_TYPE)*count);
   if (!types) rb_sys_fail(0);
-  rv = func(NUM2HANDLE(slot_id), types, &count);
+  CallFunction(C_GetMechanismList, func, rv, NUM2HANDLE(slot_id), types, &count);
   if (rv != CKR_OK){
     free(types);
     pkcs11_raise(rv);
@@ -267,7 +370,7 @@ pkcs11_C_GetMechanismInfo(VALUE self, VALUE slot_id, VALUE type)
 
   info = pkcs11_new_struct(cCK_MECHANISM_INFO);
   GetFunction(self, C_GetMechanismInfo, func);
-  rv = func(NUM2HANDLE(slot_id), NUM2HANDLE(type), DATA_PTR(info));
+  CallFunction(C_GetMechanismInfo, func, rv, NUM2HANDLE(slot_id), NUM2HANDLE(type), DATA_PTR(info));
   if (rv != CKR_OK) pkcs11_raise(rv);
 
   return info;
@@ -282,7 +385,7 @@ pkcs11_C_InitToken(VALUE self, VALUE slot_id, VALUE pin, VALUE label)
   StringValue(pin);
   StringValue(label);
   GetFunction(self, C_InitToken, func);
-  rv = func(NUM2HANDLE(slot_id),
+  CallFunction(C_InitToken, func, rv, NUM2HANDLE(slot_id),
             (CK_UTF8CHAR_PTR)RSTRING_PTR(pin), RSTRING_LEN(pin),
             (CK_UTF8CHAR_PTR)RSTRING_PTR(label));
   if (rv != CKR_OK) pkcs11_raise(rv);
@@ -298,7 +401,7 @@ pkcs11_C_InitPIN(VALUE self, VALUE session, VALUE pin)
 
   StringValue(pin);
   GetFunction(self, C_InitPIN, func);
-  rv = func(NUM2HANDLE(session),
+  CallFunction(C_InitPIN, func, rv, NUM2HANDLE(session),
             (CK_UTF8CHAR_PTR)RSTRING_PTR(pin), RSTRING_LEN(pin));
   if (rv != CKR_OK) pkcs11_raise(rv);
 
@@ -306,14 +409,14 @@ pkcs11_C_InitPIN(VALUE self, VALUE session, VALUE pin)
 }
 
 static VALUE
-pkcs11_C_OpenSession(VALUE self, VALUE slot_id, VALUE flags) 
+pkcs11_C_OpenSession(VALUE self, VALUE slot_id, VALUE flags)
 {
   CK_C_OpenSession func;
   CK_RV rv;
   CK_SESSION_HANDLE handle;
 
   GetFunction(self, C_OpenSession, func);
-  rv = func(NUM2HANDLE(slot_id), NUM2ULONG(flags), 0, 0, &handle);
+  CallFunction(C_OpenSession, func, rv, NUM2HANDLE(slot_id), NUM2ULONG(flags), 0, 0, &handle);
   if(rv != CKR_OK) pkcs11_raise(rv);
 
   return HANDLE2NUM(handle);
@@ -327,7 +430,7 @@ pkcs11_C_Login(VALUE self, VALUE session, VALUE user_type, VALUE pin)
 
   StringValue(pin);
   GetFunction(self, C_Login, func);
-  rv = func(NUM2HANDLE(session), NUM2ULONG(user_type),
+  CallFunction(C_Login, func, rv, NUM2HANDLE(session), NUM2ULONG(user_type),
             (CK_UTF8CHAR_PTR)RSTRING_PTR(pin), RSTRING_LEN(pin));
   if(rv != CKR_OK) pkcs11_raise(rv);
 
@@ -341,7 +444,7 @@ pkcs11_C_Logout(VALUE self, VALUE session)
   CK_RV rv;
 
   GetFunction(self, C_Logout, func);
-  rv = func(NUM2HANDLE(session));
+  CallFunction(C_Logout, func, rv, NUM2HANDLE(session));
   if(rv != CKR_OK) pkcs11_raise(rv);
 
   return self;
@@ -354,7 +457,7 @@ pkcs11_C_CloseSession(VALUE self, VALUE session)
   CK_RV rv;
 
   GetFunction(self, C_CloseSession, func);
-  rv = func(NUM2HANDLE(session));
+  CallFunction(C_CloseSession, func, rv, NUM2HANDLE(session));
   if(rv != CKR_OK) pkcs11_raise(rv);
 
   return self;
@@ -367,7 +470,7 @@ pkcs11_C_CloseAllSessions(VALUE self, VALUE slot_id)
   CK_RV rv;
 
   GetFunction(self, C_CloseAllSessions, func);
-  rv = func(NUM2HANDLE(slot_id));
+  CallFunction(C_CloseAllSessions, func, rv, NUM2HANDLE(slot_id));
   if(rv != CKR_OK) pkcs11_raise(rv);
 
   return self;
@@ -382,7 +485,7 @@ pkcs11_C_GetSessionInfo(VALUE self, VALUE session)
 
   info = pkcs11_new_struct(cCK_SESSION_INFO);
   GetFunction(self, C_GetSessionInfo, func);
-  rv = func(NUM2HANDLE(session), DATA_PTR(info));
+  CallFunction(C_GetSessionInfo, func, rv, NUM2HANDLE(session), DATA_PTR(info));
   if (rv != CKR_OK) pkcs11_raise(rv);
 
   return info;
@@ -397,11 +500,12 @@ pkcs11_C_GetOperationState(VALUE self, VALUE session)
   CK_ULONG size;
 
   GetFunction(self, C_GetOperationState, func);
-  rv = func(NUM2HANDLE(session), NULL_PTR, &size);
+  CallFunction(C_GetOperationState, func, rv, NUM2HANDLE(session), NULL_PTR, &size);
   if (rv != CKR_OK) pkcs11_raise(rv);
   state = rb_str_new(0, size);
-  rv = func(NUM2HANDLE(session), (CK_BYTE_PTR)RSTRING_PTR(state), &size);
+  CallFunction(C_GetOperationState, func, rv, NUM2HANDLE(session), (CK_BYTE_PTR)RSTRING_PTR(state), &size);
   if (rv != CKR_OK) pkcs11_raise(rv);
+  rb_str_set_len(state, size);
 
   return state;
 }
@@ -414,9 +518,9 @@ pkcs11_C_SetOperationState(VALUE self, VALUE session, VALUE state, VALUE enc_key
 
   StringValue(state);
   GetFunction(self, C_SetOperationState, func);
-  rv = func(NUM2HANDLE(session),
+  CallFunction(C_SetOperationState, func, rv, NUM2HANDLE(session),
             (CK_BYTE_PTR)RSTRING_PTR(state), RSTRING_LEN(state),
-            NUM2HANDLE(state), NUM2HANDLE(auth_key));
+            NUM2HANDLE(enc_key), NUM2HANDLE(auth_key));
   if (rv != CKR_OK) pkcs11_raise(rv);
 
   return self;
@@ -431,7 +535,7 @@ pkcs11_C_SetPIN(VALUE self, VALUE session, VALUE old_pin, VALUE new_pin)
   StringValue(old_pin);
   StringValue(new_pin);
   GetFunction(self, C_SetPIN, func);
-  rv = func(NUM2HANDLE(session), 
+  CallFunction(C_SetPIN, func, rv, NUM2HANDLE(session),
             (CK_UTF8CHAR_PTR)RSTRING_PTR(old_pin), RSTRING_LEN(old_pin),
             (CK_UTF8CHAR_PTR)RSTRING_PTR(new_pin), RSTRING_LEN(new_pin));
   if(rv != CKR_OK) pkcs11_raise(rv);
@@ -468,10 +572,27 @@ pkcs11_C_CreateObject(VALUE self, VALUE session, VALUE template)
   CK_RV rv;
   CK_ATTRIBUTE *tmp;
   CK_OBJECT_HANDLE handle;
- 
+
   tmp = pkcs11_attr_ary2buf(template);
   GetFunction(self, C_CreateObject, func);
-  rv = func(NUM2HANDLE(session), tmp, RARRAY_LEN(template), &handle);
+  CallFunction(C_CreateObject, func, rv, NUM2HANDLE(session), tmp, RARRAY_LEN(template), &handle);
+  free(tmp);
+  if(rv != CKR_OK) pkcs11_raise(rv);
+
+  return HANDLE2NUM(handle);
+}
+
+static VALUE
+pkcs11_C_CopyObject(VALUE self, VALUE session, VALUE object, VALUE template)
+{
+  CK_C_CopyObject func;
+  CK_RV rv;
+  CK_ATTRIBUTE *tmp;
+  CK_OBJECT_HANDLE handle;
+
+  tmp = pkcs11_attr_ary2buf(template);
+  GetFunction(self, C_CopyObject, func);
+  CallFunction(C_CopyObject, func, rv, NUM2HANDLE(session), NUM2HANDLE(object), tmp, RARRAY_LEN(template), &handle);
   free(tmp);
   if(rv != CKR_OK) pkcs11_raise(rv);
 
@@ -485,7 +606,7 @@ pkcs11_C_DestroyObject(VALUE self, VALUE session, VALUE handle)
   CK_RV rv;
 
   GetFunction(self, C_DestroyObject, func);
-  rv = func(NUM2HANDLE(session), NUM2HANDLE(handle));
+  CallFunction(C_DestroyObject, func, rv, NUM2HANDLE(session), NUM2HANDLE(handle));
   if(rv != CKR_OK) pkcs11_raise(rv);
 
   return self;
@@ -499,7 +620,7 @@ pkcs11_C_GetObjectSize(VALUE self, VALUE session, VALUE handle)
   CK_ULONG size;
 
   GetFunction(self, C_GetObjectSize, func);
-  rv = func(NUM2HANDLE(session), NUM2HANDLE(handle), &size);
+  CallFunction(C_GetObjectSize, func, rv, NUM2HANDLE(session), NUM2HANDLE(handle), &size);
   if(rv != CKR_OK) pkcs11_raise(rv);
 
   return ULONG2NUM(size);
@@ -518,7 +639,7 @@ pkcs11_C_FindObjectsInit(VALUE self, VALUE session, VALUE template)
     tmp_size = RARRAY_LEN(template);
   }
   GetFunction(self, C_FindObjectsInit, func);
-  rv = func(NUM2HANDLE(session), tmp, tmp_size);
+  CallFunction(C_FindObjectsInit, func, rv, NUM2HANDLE(session), tmp, tmp_size);
   free(tmp);
   if(rv != CKR_OK) pkcs11_raise(rv);
 
@@ -532,7 +653,7 @@ pkcs11_C_FindObjectsFinal(VALUE self, VALUE session)
   CK_RV rv;
 
   GetFunction(self, C_FindObjectsFinal, func);
-  rv = func(NUM2HANDLE(session));
+  CallFunction(C_FindObjectsFinal, func, rv, NUM2HANDLE(session));
   if(rv != CKR_OK) pkcs11_raise(rv);
 
   return self;
@@ -546,12 +667,12 @@ pkcs11_C_FindObjects(VALUE self, VALUE session, VALUE max_count)
   CK_OBJECT_HANDLE_PTR handles;
   CK_ULONG count = 0;
   VALUE ary;
-  int i;
+  CK_ULONG i;
 
   handles = (CK_OBJECT_HANDLE_PTR)
       malloc(sizeof(CK_OBJECT_HANDLE)*NUM2ULONG(max_count));
   GetFunction(self, C_FindObjects, func);
-  rv = func(NUM2HANDLE(session), handles, NUM2ULONG(max_count), &count);
+  CallFunction(C_FindObjects, func, rv, NUM2HANDLE(session), handles, NUM2ULONG(max_count), &count);
   if(rv != CKR_OK){
     free(handles);
     pkcs11_raise(rv);
@@ -578,7 +699,7 @@ pkcs11_C_GetAttributeValue(VALUE self, VALUE session, VALUE handle, VALUE templa
   tmp = pkcs11_attr_ary2buf(template);
   template_size = RARRAY_LEN(template);
   GetFunction(self, C_GetAttributeValue, func);
-  rv = func(NUM2HANDLE(session), NUM2HANDLE(handle), tmp, template_size);
+  CallFunction(C_GetAttributeValue, func, rv, NUM2HANDLE(session), NUM2HANDLE(handle), tmp, template_size);
   if(rv != CKR_OK){
     free(tmp);
     pkcs11_raise(rv);
@@ -586,10 +707,10 @@ pkcs11_C_GetAttributeValue(VALUE self, VALUE session, VALUE handle, VALUE templa
 
   for (i = 0; i < template_size; i++){
     CK_ATTRIBUTE_PTR attr = tmp + i;
-    if (attr->ulValueLen != -1)
+    if (attr->ulValueLen != (CK_ULONG)-1)
       attr->pValue = (CK_BYTE_PTR)malloc(attr->ulValueLen);
   }
-  rv = func(NUM2HANDLE(session), NUM2HANDLE(handle), tmp, template_size);
+  CallFunction(C_GetAttributeValue, func, rv, NUM2HANDLE(session), NUM2HANDLE(handle), tmp, template_size);
   if(rv != CKR_OK){
     for (i = 0; i < template_size; i++){
       CK_ATTRIBUTE_PTR attr = tmp + i;
@@ -601,7 +722,7 @@ pkcs11_C_GetAttributeValue(VALUE self, VALUE session, VALUE handle, VALUE templa
   ary = rb_ary_new();
   for (i = 0; i < template_size; i++){
     CK_ATTRIBUTE_PTR attr = tmp + i;
-    if (attr->ulValueLen != -1){
+    if (attr->ulValueLen != (CK_ULONG)-1){
       VALUE v = pkcs11_new_struct(cCK_ATTRIBUTE);
       memcpy(DATA_PTR(v), attr, sizeof(CK_ATTRIBUTE));
       rb_ary_push(ary, v);
@@ -623,7 +744,7 @@ pkcs11_C_SetAttributeValue(VALUE self, VALUE session, VALUE handle, VALUE templa
   tmp = pkcs11_attr_ary2buf(template);
   template_size = RARRAY_LEN(template);
   GetFunction(self, C_SetAttributeValue, func);
-  rv = func(NUM2HANDLE(session), NUM2HANDLE(handle), tmp, template_size);
+  CallFunction(C_SetAttributeValue, func, rv, NUM2HANDLE(session), NUM2HANDLE(handle), tmp, template_size);
   free(tmp);
   if(rv != CKR_OK) pkcs11_raise(rv);
 
@@ -637,7 +758,7 @@ pkcs11_C_SeedRandom(VALUE self, VALUE session, VALUE seed)
   CK_RV rv;
 
   GetFunction(self, C_SeedRandom, func);
-  rv = func(NUM2HANDLE(session),
+  CallFunction(C_SeedRandom, func, rv, NUM2HANDLE(session),
             (CK_BYTE_PTR)RSTRING_PTR(seed), RSTRING_LEN(seed));
   if(rv != CKR_OK) pkcs11_raise(rv);
 
@@ -653,7 +774,7 @@ pkcs11_C_GenerateRandom(VALUE self, VALUE session, VALUE size)
   CK_RV rv;
 
   GetFunction(self, C_GenerateRandom, func);
-  rv = func(NUM2HANDLE(session), (CK_BYTE_PTR)RSTRING_PTR(buf), sz);
+  CallFunction(C_GenerateRandom, func, rv, NUM2HANDLE(session), (CK_BYTE_PTR)RSTRING_PTR(buf), sz);
   if(rv != CKR_OK) pkcs11_raise(rv);
 
   return buf;
@@ -667,7 +788,7 @@ pkcs11_C_WaitForSlotEvent(VALUE self, VALUE flags)
   CK_SLOT_ID slot_id;
 
   GetFunction(self, C_WaitForSlotEvent, func);
-  rv = func(NUM2ULONG(flags), &slot_id, NULL_PTR);
+  CallFunction(C_WaitForSlotEvent, func, rv, NUM2ULONG(flags), &slot_id, NULL_PTR);
   if(rv == CKR_NO_EVENT) return Qnil;
   if(rv != CKR_OK) pkcs11_raise(rv);
 
@@ -702,7 +823,8 @@ common_init(VALUE session, VALUE mechanism, VALUE key, init_func func)
   if (!rb_obj_is_kind_of(mechanism, cCK_MECHANISM))
       rb_raise(rb_eArgError, "2nd arg must be a PKCS11::CK_MECHANISM");
   m = DATA_PTR(mechanism);
-  rv = func(NUM2HANDLE(session), m, NUM2HANDLE(key));
+  /* Use the function signature of any of the various C_*Init functions. */
+  CallFunction(C_EncryptInit, func, rv, NUM2HANDLE(session), m, NUM2HANDLE(key));
   if(rv != CKR_OK) pkcs11_raise(rv);
 
   return Qnil;
@@ -717,7 +839,7 @@ common_crypt_update(VALUE session, VALUE data, VALUE size, crypt_update_func fun
 
   StringValue(data);
   if (NIL_P(size)){
-    rv = func(NUM2HANDLE(session),
+    CallFunction(C_EncryptUpdate, func, rv, NUM2HANDLE(session),
               (CK_BYTE_PTR)RSTRING_PTR(data), RSTRING_LEN(data),
               NULL_PTR, &sz);
     if(rv != CKR_OK) pkcs11_raise(rv);
@@ -726,7 +848,7 @@ common_crypt_update(VALUE session, VALUE data, VALUE size, crypt_update_func fun
   }
   buf = rb_str_new(0, sz);
 
-  rv = func(NUM2HANDLE(session),
+  CallFunction(C_EncryptUpdate, func, rv, NUM2HANDLE(session),
             (CK_BYTE_PTR)RSTRING_PTR(data), RSTRING_LEN(data),
             (CK_BYTE_PTR)RSTRING_PTR(buf), &sz);
   if(rv != CKR_OK) pkcs11_raise(rv);
@@ -743,14 +865,14 @@ common_crypt_final(VALUE session, VALUE size, crypt_final_func func)
   VALUE buf;
 
   if (NIL_P(size)){
-    rv = func(NUM2HANDLE(session), NULL_PTR, &sz);
+    CallFunction(C_EncryptFinal, func, rv, NUM2HANDLE(session), NULL_PTR, &sz);
     if(rv != CKR_OK) pkcs11_raise(rv);
   }else{
     sz = NUM2ULONG(size);
   }
   buf = rb_str_new(0, sz);
 
-  rv = func(NUM2HANDLE(session), (CK_BYTE_PTR)RSTRING_PTR(buf), &sz);
+  CallFunction(C_EncryptFinal, func, rv, NUM2HANDLE(session), (CK_BYTE_PTR)RSTRING_PTR(buf), &sz);
   if(rv != CKR_OK) pkcs11_raise(rv);
   rb_str_set_len(buf, sz);
 
@@ -763,7 +885,7 @@ common_sign_update(VALUE session, VALUE data, sign_update_func func)
   CK_RV rv;
 
   StringValue(data);
-  rv = func(NUM2HANDLE(session),
+  CallFunction(C_SignUpdate, func, rv, NUM2HANDLE(session),
             (CK_BYTE_PTR)RSTRING_PTR(data), RSTRING_LEN(data));
   if(rv != CKR_OK) pkcs11_raise(rv);
 
@@ -777,7 +899,8 @@ common_verify(VALUE session, VALUE data, VALUE sig, verify_func func)
 
   StringValue(data);
   StringValue(sig);
-  rv = func(NUM2HANDLE(session),
+  /* Use the function signature of any of the various C_Verify* functions. */
+  CallFunction(C_Verify, func, rv, NUM2HANDLE(session),
             (CK_BYTE_PTR)RSTRING_PTR(data), RSTRING_LEN(data),
             (CK_BYTE_PTR)RSTRING_PTR(sig), RSTRING_LEN(sig));
   if(rv != CKR_OK) pkcs11_raise(rv);
@@ -979,7 +1102,7 @@ pkcs11_C_DigestInit(VALUE self, VALUE session, VALUE mechanism)
   if (!rb_obj_is_kind_of(mechanism, cCK_MECHANISM))
       rb_raise(rb_eArgError, "2nd arg must be a PKCS11::CK_MECHANISM");
   m = DATA_PTR(mechanism);
-  rv = func(NUM2HANDLE(session), m);
+  CallFunction(C_DigestInit, func, rv, NUM2HANDLE(session), m);
   if(rv != CKR_OK) pkcs11_raise(rv);
 
   return self;
@@ -1009,7 +1132,7 @@ pkcs11_C_DigestKey(VALUE self, VALUE session, VALUE handle)
   CK_RV rv;
 
   GetFunction(self, C_DigestKey, func);
-  rv = func(NUM2HANDLE(session), NUM2HANDLE(handle));
+  CallFunction(C_DigestKey, func, rv, NUM2HANDLE(session), NUM2HANDLE(handle));
   if(rv != CKR_OK) pkcs11_raise(rv);
 
   return self;
@@ -1068,7 +1191,7 @@ pkcs11_C_GenerateKey(VALUE self, VALUE session, VALUE mechanism, VALUE template)
       rb_raise(rb_eArgError, "2nd arg must be a PKCS11::CK_MECHANISM");
   m = DATA_PTR(mechanism);
   tmp = pkcs11_attr_ary2buf(template);
-  rv = func(NUM2HANDLE(session), m, tmp, RARRAY_LEN(template), &handle);
+  CallFunction(C_GenerateKey, func, rv, NUM2HANDLE(session), m, tmp, RARRAY_LEN(template), &handle);
   free(tmp);
   if(rv != CKR_OK) pkcs11_raise(rv);
 
@@ -1091,7 +1214,8 @@ pkcs11_C_GenerateKeyPair(VALUE self, VALUE session, VALUE mechanism, VALUE pubke
   m = DATA_PTR(mechanism);
   pubkey_tmp = pkcs11_attr_ary2buf(pubkey_template);
   privkey_tmp = pkcs11_attr_ary2buf(privkey_template);
-  rv = func(NUM2HANDLE(session), m,
+
+  CallFunction(C_GenerateKeyPair, func, rv, NUM2HANDLE(session), m,
             pubkey_tmp, RARRAY_LEN(pubkey_template),
             privkey_tmp, RARRAY_LEN(privkey_template),
             &pubkey_handle, &privkey_handle);
@@ -1119,7 +1243,7 @@ pkcs11_C_WrapKey(VALUE self, VALUE session, VALUE mechanism, VALUE wrapping, VAL
       rb_raise(rb_eArgError, "2nd arg must be a PKCS11::CK_MECHANISM");
   m = DATA_PTR(mechanism);
   if (NIL_P(size)){
-    rv = func(NUM2HANDLE(session), m,
+    CallFunction(C_WrapKey, func, rv, NUM2HANDLE(session), m,
               NUM2HANDLE(wrapping), NUM2HANDLE(wrapped),
               (CK_BYTE_PTR)NULL_PTR, &sz);
     if(rv != CKR_OK) pkcs11_raise(rv);
@@ -1128,7 +1252,7 @@ pkcs11_C_WrapKey(VALUE self, VALUE session, VALUE mechanism, VALUE wrapping, VAL
   }
   buf = rb_str_new(0, sz);
 
-  rv = func(NUM2HANDLE(session), m,
+  CallFunction(C_WrapKey, func, rv, NUM2HANDLE(session), m,
             NUM2HANDLE(wrapping), NUM2HANDLE(wrapped),
             (CK_BYTE_PTR)RSTRING_PTR(buf), &sz);
   if(rv != CKR_OK) pkcs11_raise(rv);
@@ -1151,7 +1275,7 @@ pkcs11_C_UnwrapKey(VALUE self, VALUE session, VALUE mechanism, VALUE wrapping, V
       rb_raise(rb_eArgError, "2nd arg must be a PKCS11::CK_MECHANISM");
   m = DATA_PTR(mechanism);
   tmp = pkcs11_attr_ary2buf(template);
-  rv = func(NUM2HANDLE(session), m, NUM2HANDLE(wrapping),
+  CallFunction(C_UnwrapKey, func, rv, NUM2HANDLE(session), m, NUM2HANDLE(wrapping),
             (CK_BYTE_PTR)RSTRING_PTR(wrapped), RSTRING_LEN(wrapped),
             tmp, RARRAY_LEN(template), &h);
   free(tmp);
@@ -1174,7 +1298,7 @@ pkcs11_C_DeriveKey(VALUE self, VALUE session, VALUE mechanism, VALUE base, VALUE
       rb_raise(rb_eArgError, "2nd arg must be a PKCS11::CK_MECHANISM");
   m = DATA_PTR(mechanism);
   tmp = pkcs11_attr_ary2buf(template);
-  rv = func(NUM2HANDLE(session), m, NUM2HANDLE(base),
+  CallFunction(C_DeriveKey, func, rv, NUM2HANDLE(session), m, NUM2HANDLE(base),
             tmp, RARRAY_LEN(template), &h);
   free(tmp);
   if(rv != CKR_OK) pkcs11_raise(rv);
@@ -1241,6 +1365,10 @@ ck_attr_initialize(int argc, VALUE *argv, VALUE self)
   return self;
 }
 
+/* rb_define_method(cCK_ATTRIBUTE, "type", ck_attr_type, 0); */
+/*
+ * @return [Integer] attribute type PKCS11::CKA_*
+ */
 static VALUE
 ck_attr_type(VALUE self)
 {
@@ -1249,6 +1377,11 @@ ck_attr_type(VALUE self)
   return ULONG2NUM(attr->type);
 }
 
+/* rb_define_method(cCK_ATTRIBUTE, "value", ck_attr_value, 0); */
+/*
+ * @return [String, Integer, Boolean] attribute value
+ * @see PKCS11::Object#[]
+ */
 static VALUE
 ck_attr_value(VALUE self)
 {
@@ -1296,6 +1429,11 @@ ck_attr_value(VALUE self)
   case CKA_PIXEL_X:
   case CKA_PIXEL_Y:
   case CKA_RESOLUTION:
+  case CKA_VALUE_LEN:
+  case CKA_MODULUS_BITS:
+  case CKA_PRIME_BITS:
+  case CKA_SUBPRIME_BITS:
+  case CKA_VALUE_BITS:
     if (attr->ulValueLen == sizeof(CK_ULONG))
       return ULONG2NUM(*(CK_ULONG_PTR)(attr->pValue));
     break;
@@ -1340,25 +1478,79 @@ set_ulong(VALUE obj, VALUE value, off_t offset)
 }
 
 static VALUE
-get_version(VALUE obj, off_t offset)
+get_byte(VALUE obj, off_t offset)
 {
   char *ptr = (char*)DATA_PTR(obj);
-  CK_VERSION_PTR v;
-  char buf[64];
-  v = (CK_VERSION_PTR)(ptr+offset);
-  snprintf(buf, sizeof(buf), "%d.%d", v->major, v->minor);
-  return rb_str_new2(buf);
+  return ULONG2NUM(*(CK_BYTE_PTR)(ptr+offset));
 }
 
 static VALUE
-set_version(VALUE obj, VALUE value, off_t offset)
+set_byte(VALUE obj, VALUE value, off_t offset)
 {
-  rb_notimplement();
-  return Qnil;
+  char *ptr = (char*)DATA_PTR(obj);
+  *(CK_BYTE_PTR)(ptr+offset) = NUM2ULONG(value);
+  return value;
+}
+
+static VALUE
+get_ulong_ptr(VALUE obj, off_t offset)
+{
+  char *ptr = (char*)DATA_PTR(obj);
+  CK_ULONG_PTR p = *(CK_ULONG_PTR *)(ptr+offset);
+  if (!p) return Qnil;
+  return ULONG2NUM(*p);
+}
+
+static VALUE
+set_ulong_ptr(VALUE obj, VALUE value, const char *name, off_t offset)
+{
+  CK_ULONG_PTR *ptr = (CK_ULONG_PTR *)((char*)DATA_PTR(obj) + offset);
+  if (NIL_P(value)){
+    rb_iv_set(obj, name, value);
+    *ptr = NULL_PTR;
+    return value;
+  }
+  VALUE new_obj = Data_Make_Struct(rb_cInteger, CK_ULONG, 0, free, *ptr);
+  rb_iv_set(obj, name, new_obj);
+  **ptr = NUM2ULONG(value);
+  return value;
+}
+
+static VALUE
+get_handle(VALUE obj, off_t offset)
+{
+  char *ptr = (char*)DATA_PTR(obj);
+  return HANDLE2NUM(*(CK_OBJECT_HANDLE_PTR)(ptr+offset));
 }
 
 static VALUE
-get_string_ptr(VALUE obj, char *name, off_t offset)
+set_handle(VALUE obj, VALUE value, off_t offset)
+{
+  char *ptr = (char*)DATA_PTR(obj);
+  *(CK_OBJECT_HANDLE_PTR)(ptr+offset) = NUM2HANDLE(value);
+  return value;
+}
+
+static VALUE
+get_bool(VALUE obj, off_t offset)
+{
+  char *ptr = (char*)DATA_PTR(obj);
+  if(*(CK_BBOOL*)(ptr+offset)) return Qtrue;
+  else return Qfalse;
+}
+
+static VALUE
+set_bool(VALUE obj, VALUE value, off_t offset)
+{
+  char *ptr = (char*)DATA_PTR(obj);
+	if(value == Qfalse) *(CK_BBOOL*)(ptr+offset) = 0;
+	else if(value == Qtrue) *(CK_BBOOL*)(ptr+offset) = 1;
+	else rb_raise(rb_eArgError, "arg must be true or false");
+  return value;
+}
+
+static VALUE
+get_string_ptr(VALUE obj, const char *name, off_t offset)
 {
   char *ptr = (char*)DATA_PTR(obj);
   char *p = *(char**)(ptr+offset);
@@ -1367,17 +1559,91 @@ get_string_ptr(VALUE obj, char *name, off_t offset)
 }
 
 static VALUE
-set_string_ptr(VALUE obj, VALUE value, char *name, off_t offset)
+set_string_ptr(VALUE obj, VALUE value, const char *name, off_t offset)
 {
   char *ptr = (char*)DATA_PTR(obj);
+  if (NIL_P(value)){
+    rb_iv_set(obj, name, value);
+    *(CK_VOID_PTR*)(ptr+offset) = NULL_PTR;
+    return value;
+  }
+  StringValue(value);
+  value = rb_obj_freeze(rb_str_dup(value));
   rb_iv_set(obj, name, value);
+  *(CK_VOID_PTR*)(ptr+offset) = RSTRING_PTR(value);
+  return value;
+}
+
+static VALUE
+get_string_ptr_len(VALUE obj, const char *name, off_t offset, off_t offset_len)
+{
+  unsigned long l;
+  char *ptr = (char*)DATA_PTR(obj);
+  char *p = *(char**)(ptr+offset);
+  if (!p) return Qnil;
+  l = *(unsigned long*)(ptr+offset_len);
+  return rb_str_new(p, l);
+}
+
+static VALUE
+set_string_ptr_len(VALUE obj, VALUE value, const char *name, off_t offset, off_t offset_len)
+{
+  char *ptr = (char*)DATA_PTR(obj);
   if (NIL_P(value)){
+    rb_iv_set(obj, name, value);
     *(CK_VOID_PTR*)(ptr+offset) = NULL_PTR;
+    *(unsigned long*)(ptr+offset_len) = 0;
     return value;
   }
   StringValue(value);
   value = rb_obj_freeze(rb_str_dup(value));
+  rb_iv_set(obj, name, value);
   *(CK_VOID_PTR*)(ptr+offset) = RSTRING_PTR(value);
+  *(unsigned long*)(ptr+offset_len) = RSTRING_LEN(value);
+  return value;
+}
+
+static VALUE
+get_struct_inline(VALUE obj, VALUE klass, const char *name, off_t offset)
+{
+  char *ptr = (char*)DATA_PTR(obj) + offset;
+  VALUE inline_obj = Data_Wrap_Struct(klass, 0, 0, ptr);
+  rb_iv_set(inline_obj, name, obj);
+  return inline_obj;
+}
+
+static VALUE
+set_struct_inline(VALUE obj, VALUE klass, const char *struct_name, VALUE value, const char *name, off_t offset, int sizeofstruct)
+{
+  char *ptr = (char*)DATA_PTR(obj) + offset;
+  if (!rb_obj_is_kind_of(value, klass))
+    rb_raise(rb_eArgError, "arg must be a PKCS11::%s", struct_name);
+  memcpy(ptr, DATA_PTR(value), sizeofstruct);
+  return value;
+}
+
+static VALUE
+get_struct_ptr(VALUE obj, VALUE klass, const char *name, off_t offset)
+{
+  char *ptr = (char*)DATA_PTR(obj);
+  char *p = *(char**)(ptr+offset);
+  if (!p) return Qnil;
+  return rb_iv_get(obj, name);
+}
+
+static VALUE
+set_struct_ptr(VALUE obj, VALUE klass, const char *struct_name, VALUE value, const char *name, off_t offset)
+{
+  char *ptr = (char*)DATA_PTR(obj) + offset;
+  if (NIL_P(value)){
+    rb_iv_set(obj, name, value);
+    *(CK_VOID_PTR*)ptr = NULL_PTR;
+    return value;
+  }
+  if (!rb_obj_is_kind_of(value, klass))
+    rb_raise(rb_eArgError, "arg must be a PKCS11::%s", struct_name);
+  *(CK_VOID_PTR*)ptr = DATA_PTR(value);
+  rb_iv_set(obj, name, value);
   return value;
 }
 
@@ -1388,10 +1654,20 @@ set_string_ptr(VALUE obj, VALUE value, char *name, off_t offset)
 static VALUE s##_s_alloc(VALUE self){ \
   s *info; \
   VALUE obj = Data_Make_Struct(self, s, 0, -1, info); \
-  memset(info, 0, sizeof(s)); \
   return obj; \
+} \
+static VALUE c##s##_to_s(VALUE self){ \
+  return rb_str_new(DATA_PTR(self), sizeof(s)); \
+} \
+static VALUE c##s##_members(VALUE self){ \
+  return a##s##_members; \
 }
 
+#define PKCS11_IMPLEMENT_STRUCT_WITH_ALLOCATOR(s) \
+static VALUE c##s;\
+static VALUE a##s##_members;\
+PKCS11_IMPLEMENT_ALLOCATOR(s);
+
 #define PKCS11_IMPLEMENT_STRING_ACCESSOR(s, f) \
 static VALUE c##s##_get_##f(VALUE o){ \
   return get_string(o, OFFSET_OF(s, f), SIZE_OF(s, f)); \
@@ -1408,12 +1684,36 @@ static VALUE c##s##_set_##f(VALUE o, VALUE v){ \
   return set_ulong(o, v, OFFSET_OF(s, f)); \
 }
 
-#define PKCS11_IMPLEMENT_VERSION_ACCESSOR(s, f) \
+#define PKCS11_IMPLEMENT_BYTE_ACCESSOR(s, f) \
 static VALUE c##s##_get_##f(VALUE o){ \
-  return get_version(o, OFFSET_OF(s, f)); \
+  return get_byte(o, OFFSET_OF(s, f)); \
 } \
 static VALUE c##s##_set_##f(VALUE o, VALUE v){ \
-  return set_version(o, v, OFFSET_OF(s, f)); \
+  return set_byte(o, v, OFFSET_OF(s, f)); \
+}
+
+#define PKCS11_IMPLEMENT_ULONG_PTR_ACCESSOR(s, f) \
+static VALUE c##s##_get_##f(VALUE o){ \
+  return get_ulong_ptr(o, OFFSET_OF(s, f)); \
+} \
+static VALUE c##s##_set_##f(VALUE o, VALUE v){ \
+  return set_ulong_ptr(o, v, #f, OFFSET_OF(s, f)); \
+}
+
+#define PKCS11_IMPLEMENT_HANDLE_ACCESSOR(s, f) \
+static VALUE c##s##_get_##f(VALUE o){ \
+  return get_handle(o, OFFSET_OF(s, f)); \
+} \
+static VALUE c##s##_set_##f(VALUE o, VALUE v){ \
+  return set_handle(o, v, OFFSET_OF(s, f)); \
+}
+
+#define PKCS11_IMPLEMENT_BOOL_ACCESSOR(s, f) \
+static VALUE c##s##_get_##f(VALUE o){ \
+  return get_bool(o, OFFSET_OF(s, f)); \
+} \
+static VALUE c##s##_set_##f(VALUE o, VALUE v){ \
+  return set_bool(o, v, OFFSET_OF(s, f)); \
 }
 
 #define PKCS11_IMPLEMENT_STRING_PTR_ACCESSOR(s, f) \
@@ -1424,61 +1724,43 @@ static VALUE c##s##_set_##f(VALUE o, VALUE v){ \
   return set_string_ptr(o, v, #f, OFFSET_OF(s, f)); \
 }
 
+#define PKCS11_IMPLEMENT_STRING_PTR_LEN_ACCESSOR(s, f, l) \
+static VALUE c##s##_get_##f(VALUE o){ \
+  return get_string_ptr_len(o, #f, OFFSET_OF(s, f), OFFSET_OF(s, l)); \
+} \
+static VALUE c##s##_set_##f(VALUE o, VALUE v){ \
+  return set_string_ptr_len(o, v, #f, OFFSET_OF(s, f), OFFSET_OF(s, l)); \
+}
+
+#define PKCS11_IMPLEMENT_STRUCT_ACCESSOR(s, k, f) \
+static VALUE c##s##_get_##f(VALUE o){ \
+  return get_struct_inline(o, c##k, #f, OFFSET_OF(s, f)); \
+} \
+static VALUE c##s##_set_##f(VALUE o, VALUE v){ \
+  return set_struct_inline(o, c##k, #k, v, #f, OFFSET_OF(s, f), sizeof(k)); \
+}
+
+#define PKCS11_IMPLEMENT_STRUCT_PTR_ACCESSOR(s, k, f) \
+static VALUE c##s##_get_##f(VALUE o){ \
+  return get_struct_ptr(o, c##k, #f, OFFSET_OF(s, f)); \
+} \
+static VALUE c##s##_set_##f(VALUE o, VALUE v){ \
+  return set_struct_ptr(o, c##k, #k, v, #f, OFFSET_OF(s, f)); \
+}
+
 ///////////////////////////////////////
 
-PKCS11_IMPLEMENT_ALLOCATOR(CK_C_INITIALIZE_ARGS)
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_C_INITIALIZE_ARGS, flags)
-PKCS11_IMPLEMENT_STRING_PTR_ACCESSOR(CK_C_INITIALIZE_ARGS, pReserved)
-
-PKCS11_IMPLEMENT_ALLOCATOR(CK_INFO)
-PKCS11_IMPLEMENT_VERSION_ACCESSOR(CK_INFO, cryptokiVersion)
-PKCS11_IMPLEMENT_STRING_ACCESSOR(CK_INFO, manufacturerID)
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_INFO, flags)
-PKCS11_IMPLEMENT_STRING_ACCESSOR(CK_INFO, libraryDescription)
-PKCS11_IMPLEMENT_VERSION_ACCESSOR(CK_INFO, libraryVersion)
-
-PKCS11_IMPLEMENT_ALLOCATOR(CK_SLOT_INFO)
-PKCS11_IMPLEMENT_STRING_ACCESSOR(CK_SLOT_INFO, slotDescription)
-PKCS11_IMPLEMENT_STRING_ACCESSOR(CK_SLOT_INFO, manufacturerID)
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_SLOT_INFO, flags)
-PKCS11_IMPLEMENT_VERSION_ACCESSOR(CK_SLOT_INFO, hardwareVersion)
-PKCS11_IMPLEMENT_VERSION_ACCESSOR(CK_SLOT_INFO, firmwareVersion)
-
-PKCS11_IMPLEMENT_ALLOCATOR(CK_TOKEN_INFO);
-PKCS11_IMPLEMENT_STRING_ACCESSOR(CK_TOKEN_INFO, label);
-PKCS11_IMPLEMENT_STRING_ACCESSOR(CK_TOKEN_INFO, manufacturerID);
-PKCS11_IMPLEMENT_STRING_ACCESSOR(CK_TOKEN_INFO, model);
-PKCS11_IMPLEMENT_STRING_ACCESSOR(CK_TOKEN_INFO, serialNumber);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_TOKEN_INFO, flags);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_TOKEN_INFO, ulMaxSessionCount);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_TOKEN_INFO, ulSessionCount);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_TOKEN_INFO, ulMaxRwSessionCount);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_TOKEN_INFO, ulRwSessionCount);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_TOKEN_INFO, ulMaxPinLen);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_TOKEN_INFO, ulMinPinLen);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_TOKEN_INFO, ulTotalPublicMemory);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_TOKEN_INFO, ulFreePublicMemory);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_TOKEN_INFO, ulTotalPrivateMemory);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_TOKEN_INFO, ulFreePrivateMemory);
-PKCS11_IMPLEMENT_VERSION_ACCESSOR(CK_TOKEN_INFO, hardwareVersion);
-PKCS11_IMPLEMENT_VERSION_ACCESSOR(CK_TOKEN_INFO, firmwareVersion);
-PKCS11_IMPLEMENT_STRING_ACCESSOR(CK_TOKEN_INFO, utcTime);
-
-PKCS11_IMPLEMENT_ALLOCATOR(CK_MECHANISM_INFO);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_MECHANISM_INFO, ulMinKeySize);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_MECHANISM_INFO, ulMaxKeySize);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_MECHANISM_INFO, flags);
-
-PKCS11_IMPLEMENT_ALLOCATOR(CK_SESSION_INFO);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_SESSION_INFO, slotID);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_SESSION_INFO, state);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_SESSION_INFO, flags);
-PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_SESSION_INFO, ulDeviceError);
+#include "pk11_struct_impl.inc"
 
 ///////////////////////////////////////
 
 PKCS11_IMPLEMENT_ALLOCATOR(CK_MECHANISM)
 
+/*
+ * Spezifies a particularly crypto mechanism.
+ * @param [Integer, nil] mechanism The mechanism to use (PKCS11::CKM_*)
+ * @param [String, Integer, PKCS11::CStruct, nil] pParameter optional parameter to the mechanism
+ */
 static VALUE
 cCK_MECHANISM_initialize(int argc, VALUE *argv, VALUE self)
 {
@@ -1491,8 +1773,13 @@ cCK_MECHANISM_initialize(int argc, VALUE *argv, VALUE self)
   return self;
 }
 
+/* rb_define_method(cCK_MECHANISM, "mechanism", cCK_MECHANISM_get_mechanism, 0); */
+/* rb_define_method(cCK_MECHANISM, "mechanism=", cCK_MECHANISM_set_mechanism, 0); */
 PKCS11_IMPLEMENT_ULONG_ACCESSOR(CK_MECHANISM, mechanism);
 
+/* rb_define_method(cCK_MECHANISM, "pParameter", cCK_MECHANISM_get_pParameter, 0); */
+/* rb_define_method(cCK_MECHANISM, "pParameter=", cCK_MECHANISM_set_pParameter, 0); */
+/* @see PKCS11::CK_MECHANISM#initialize */
 static VALUE
 cCK_MECHANISM_get_pParameter(VALUE self)
 {
@@ -1505,17 +1792,32 @@ static VALUE
 cCK_MECHANISM_set_pParameter(VALUE self, VALUE value)
 {
   CK_MECHANISM_PTR m = DATA_PTR(self);
+  CK_ULONG ulong_val;
 
-  if (NIL_P(value)){
+  switch(TYPE(value)){
+  case T_NIL:
     m->pParameter = NULL_PTR;
     m->ulParameterLen = 0;
-  }
-  else{
-    StringValue(value);
+    break;
+  case T_STRING:
     value = rb_obj_freeze(rb_str_dup(value));
     m->pParameter = RSTRING_PTR(value);
     m->ulParameterLen = RSTRING_LEN(value);
+    break;
+  case T_FIXNUM:
+    ulong_val = NUM2ULONG(value);
+    value = rb_obj_freeze(rb_str_new((char*)&ulong_val, sizeof(ulong_val)));
+    m->pParameter = RSTRING_PTR(value);
+    m->ulParameterLen = RSTRING_LEN(value);
+    break;
+  case T_DATA:
+    m->pParameter = DATA_PTR(value);
+    m->ulParameterLen = NUM2LONG(rb_const_get(rb_funcall(value, rb_intern("class"), 0), rb_intern("SIZEOF_STRUCT")));
+    break;
+  default:
+    rb_raise(rb_eArgError, "invalid argument");
   }
+  /* don't GC the value as long as this object is active */
   rb_iv_set(self, "pParameter", value);
 
   return value;
@@ -1528,16 +1830,22 @@ cCK_MECHANISM_set_pParameter(VALUE self, VALUE value)
 
 #define PKCS11_DEFINE_STRUCT(s) \
   do { \
-    c##s = rb_define_class_under(mPKCS11, #s, rb_cObject); \
+    c##s = rb_define_class_under(mPKCS11, #s, cCStruct); \
+    a##s##_members = rb_ary_new(); \
     rb_define_alloc_func(c##s, s##_s_alloc); \
+    rb_define_const(c##s, "SIZEOF_STRUCT", ULONG2NUM(sizeof(s))); \
+    rb_define_method(c##s, "to_s", c##s##_to_s, 0); \
+    rb_define_method(c##s, "members", c##s##_members, 0); \
+    rb_iv_set(c##s, "members", a##s##_members); \
   } while(0)
 
 #define PKCS11_DEFINE_MEMBER(s, f) \
   do { \
     rb_define_method(c##s, #f, c##s##_get_##f, 0); \
     rb_define_method(c##s, #f "=", c##s##_set_##f, 1); \
+    rb_ary_push(a##s##_members, rb_str_new2(#f)); \
   } while(0)
-  
+
 void
 Init_pkcs11_ext()
 {
@@ -1547,17 +1855,23 @@ Init_pkcs11_ext()
 
 /* Document-method: PKCS11.open
  *
- * Alias function for PKCS11::Library.new
+ * Alias function for {PKCS11::Library#initialize}
  */
   rb_define_module_function(mPKCS11, "open", pkcs11_library_new, -1);
-  
+
   /* Library version */
   rb_define_const( mPKCS11, "VERSION", rb_str_new2(VERSION) );
-  
+
+  /* Document-class: PKCS11::Error
+   *
+   * Base class for all Cryptoki exceptions (CKR_*)  */
   ePKCS11Error = rb_define_class_under(mPKCS11, "Error", rb_eStandardError);
   rb_define_alloc_func(cPKCS11, pkcs11_s_alloc);
   rb_define_method(cPKCS11, "initialize", pkcs11_initialize, -1);
 
+  PKCS11_DEFINE_METHOD(load_library, 1);
+  PKCS11_DEFINE_METHOD(C_GetFunctionList, 0);
+  PKCS11_DEFINE_METHOD(C_Initialize, -1);
   PKCS11_DEFINE_METHOD(C_GetInfo, 0);
   PKCS11_DEFINE_METHOD(C_GetSlotList, 1);
   PKCS11_DEFINE_METHOD(C_GetSlotInfo, 1);
@@ -1578,6 +1892,7 @@ Init_pkcs11_ext()
   PKCS11_DEFINE_METHOD(C_SetPIN, 3);
 
   PKCS11_DEFINE_METHOD(C_CreateObject, 2);
+  PKCS11_DEFINE_METHOD(C_CopyObject, 3);
   PKCS11_DEFINE_METHOD(C_DestroyObject, 2);
   PKCS11_DEFINE_METHOD(C_GetObjectSize, 2);
   PKCS11_DEFINE_METHOD(C_FindObjectsInit, 2);
@@ -1625,12 +1940,11 @@ Init_pkcs11_ext()
 
   PKCS11_DEFINE_METHOD(C_WaitForSlotEvent, 1);
   PKCS11_DEFINE_METHOD(C_Finalize, 0);
+  PKCS11_DEFINE_METHOD(unload_library, 0);
 
   ///////////////////////////////////////
 
-  PKCS11_DEFINE_STRUCT(CK_C_INITIALIZE_ARGS);
-  PKCS11_DEFINE_MEMBER(CK_C_INITIALIZE_ARGS, flags);
-  PKCS11_DEFINE_MEMBER(CK_C_INITIALIZE_ARGS, pReserved);
+  cCStruct = rb_define_class_under(mPKCS11, "CStruct", rb_cObject);
 
   cCK_ATTRIBUTE = rb_define_class_under(mPKCS11, "CK_ATTRIBUTE", rb_cObject);
   rb_define_alloc_func(cCK_ATTRIBUTE, ck_attr_s_alloc);
@@ -1638,100 +1952,16 @@ Init_pkcs11_ext()
   rb_define_method(cCK_ATTRIBUTE, "type", ck_attr_type, 0);
   rb_define_method(cCK_ATTRIBUTE, "value", ck_attr_value, 0);
 
-  PKCS11_DEFINE_STRUCT(CK_INFO);
-  PKCS11_DEFINE_MEMBER(CK_INFO, cryptokiVersion);
-  PKCS11_DEFINE_MEMBER(CK_INFO, manufacturerID);
-  PKCS11_DEFINE_MEMBER(CK_INFO, flags);
-  PKCS11_DEFINE_MEMBER(CK_INFO, libraryDescription);
-  PKCS11_DEFINE_MEMBER(CK_INFO, libraryVersion);
-
-  PKCS11_DEFINE_STRUCT(CK_SLOT_INFO);
-  PKCS11_DEFINE_MEMBER(CK_SLOT_INFO, slotDescription);
-  PKCS11_DEFINE_MEMBER(CK_SLOT_INFO, manufacturerID);
-  PKCS11_DEFINE_MEMBER(CK_SLOT_INFO, flags);
-  PKCS11_DEFINE_MEMBER(CK_SLOT_INFO, hardwareVersion);
-  PKCS11_DEFINE_MEMBER(CK_SLOT_INFO, firmwareVersion);
-
-  PKCS11_DEFINE_STRUCT(CK_TOKEN_INFO);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, label);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, manufacturerID);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, model);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, serialNumber);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, flags);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, ulMaxSessionCount);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, ulSessionCount);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, ulMaxRwSessionCount);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, ulRwSessionCount);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, ulMaxPinLen);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, ulMinPinLen);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, ulTotalPublicMemory);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, ulFreePublicMemory);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, ulTotalPrivateMemory);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, ulFreePrivateMemory);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, hardwareVersion);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, firmwareVersion);
-  PKCS11_DEFINE_MEMBER(CK_TOKEN_INFO, utcTime);
-
-  PKCS11_DEFINE_STRUCT(CK_MECHANISM_INFO);
-  PKCS11_DEFINE_MEMBER(CK_MECHANISM_INFO, ulMinKeySize);
-  PKCS11_DEFINE_MEMBER(CK_MECHANISM_INFO, ulMaxKeySize);
-  PKCS11_DEFINE_MEMBER(CK_MECHANISM_INFO, flags);
-
-  PKCS11_DEFINE_STRUCT(CK_SESSION_INFO);
-  PKCS11_DEFINE_MEMBER(CK_SESSION_INFO, slotID);
-  PKCS11_DEFINE_MEMBER(CK_SESSION_INFO, state);
-  PKCS11_DEFINE_MEMBER(CK_SESSION_INFO, flags);
-  PKCS11_DEFINE_MEMBER(CK_SESSION_INFO, ulDeviceError);
-
+  /* Document-class: PKCS11::CK_MECHANISM
+   *
+   * Describes a crypto mechanism CKM_* with optional parameters. */
+  /* cCK_MECHANISM = rb_define_class_under(mPKCS11, "CK_MECHANISM", rb_cObject); */
   PKCS11_DEFINE_STRUCT(CK_MECHANISM);
   rb_define_method(cCK_MECHANISM, "initialize", cCK_MECHANISM_initialize, -1);
   PKCS11_DEFINE_MEMBER(CK_MECHANISM, mechanism);
   PKCS11_DEFINE_MEMBER(CK_MECHANISM, pParameter);
 
-  //CK_RSA_PKCS_OAEP_PARAMS
-  //CK_RSA_PKCS_PSS_PARAMS
-  //CK_AES_CBC_ENCRYPT_DATA_PARAMS
-  //CK_AES_CTR_PARAMS
-  //CK_ARIA_CBC_ENCRYPT_DATA_PARAMS
-  //CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS
-  //CK_CAMELLIA_CTR_PARAMS
-  //CK_CMS_SIG_PARAMS
-  //CK_DES_CBC_ENCRYPT_DATA_PARAMS
-  //CK_ECDH1_DERIVE_PARAMS
-  //CK_ECDH2_DERIVE_PARAMS
-  //CK_ECMQV_DERIVE_PARAMS
-  //CK_FUNCTION_LIST
-  //CK_KEA_DERIVE_PARAMS
-  //CK_KEY_DERIVATION_STRING_DATA
-  //CK_KEY_WRAP_SET_OAEP_PARAMS
-  //CK_KIP_PARAMS
-  //CK_OTP_PARAM
-  //CK_OTP_PARAMS
-  //CK_OTP_SIGNATURE_INFO
-  //CK_PBE_PARAMS
-  //CK_PKCS5_PBKD2_PARAMS
-  //CK_RC2_CBC_PARAMS
-  //CK_RC2_MAC_GENERAL_PARAMS
-  //CK_RC5_CBC_PARAMS
-  //CK_RC5_MAC_GENERAL_PARAMS
-  //CK_RC5_PARAMS
-  //CK_SKIPJACK_PRIVATE_WRAP_PARAMS
-  //CK_SKIPJACK_RELAYX_PARAMS
-  //CK_SSL3_KEY_MAT_OUT
-  //CK_SSL3_KEY_MAT_PARAMS
-  //CK_SSL3_MASTER_KEY_DERIVE_PARAMS
-  //CK_SSL3_RANDOM_DATA
-  //CK_TLS_PRF_PARAMS
-  //CK_WTLS_KEY_MAT_OUT
-  //CK_WTLS_KEY_MAT_PARAMS
-  //CK_WTLS_MASTER_KEY_DERIVE_PARAMS
-  //CK_WTLS_PRF_PARAMS
-  //CK_WTLS_RANDOM_DATA
-  //CK_X9_42_DH1_DERIVE_PARAMS
-  //CK_X9_42_DH2_DERIVE_PARAMS
-  //CK_X9_42_MQV_DERIVE_PARAMS
-
-  ///////////////////////////////////////
+  #include "pk11_struct_def.inc"
 
-  Init_pkcs11_const(mPKCS11);
+  Init_pkcs11_const(mPKCS11, ePKCS11Error);
 }