pkcs11 0.2.1-x86-mingw32 → 0.2.2-x86-mingw32
Sign up to get free protection for your applications and to get access to all the features.
- data/.gemtest +0 -0
- data/History.txt +10 -0
- data/Manifest.txt +16 -2
- data/README.rdoc +24 -7
- data/Rakefile +29 -18
- data/ext/generate_structs.rb +28 -16
- data/ext/pk11.c +132 -99
- data/ext/pk11.h +3 -3
- data/ext/pk11_const_macros.h +4 -3
- data/ext/pk11_struct.doc +792 -0
- data/ext/pk11_struct_impl.inc +2 -2
- data/ext/pk11_struct_macros.h +14 -2
- data/ext/pk11_version.h +6 -0
- data/lib/1.8/pkcs11_ext.so +0 -0
- data/lib/1.9/pkcs11_ext.so +0 -0
- data/lib/pkcs11/helper.rb +7 -7
- data/lib/pkcs11/library.rb +28 -4
- data/lib/pkcs11/object.rb +29 -18
- data/pkcs11_protect_server/Manifest.txt +14 -0
- data/test/helper.rb +17 -9
- data/test/test_pkcs11.rb +4 -4
- data/test/test_pkcs11_object.rb +22 -8
- data/test/test_pkcs11_thread.rb +0 -1
- metadata +31 -32
- data/sample/firefox_certs.rb +0 -90
- data/sample/nssckbi.rb +0 -51
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pkcs11
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 19
|
|
5
5
|
prerelease:
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 2
|
|
9
|
-
-
|
|
10
|
-
version: 0.2.
|
|
9
|
+
- 2
|
|
10
|
+
version: 0.2.2
|
|
11
11
|
platform: x86-mingw32
|
|
12
12
|
authors:
|
|
13
13
|
- Ryosuke Kutsuna
|
|
@@ -17,11 +17,10 @@ autorequire:
|
|
|
17
17
|
bindir: bin
|
|
18
18
|
cert_chain: []
|
|
19
19
|
|
|
20
|
-
date: 2011-
|
|
21
|
-
default_executable:
|
|
20
|
+
date: 2011-12-12 00:00:00 Z
|
|
22
21
|
dependencies:
|
|
23
22
|
- !ruby/object:Gem::Dependency
|
|
24
|
-
name:
|
|
23
|
+
name: yard
|
|
25
24
|
prerelease: false
|
|
26
25
|
requirement: &id001 !ruby/object:Gem::Requirement
|
|
27
26
|
none: false
|
|
@@ -30,56 +29,54 @@ dependencies:
|
|
|
30
29
|
- !ruby/object:Gem::Version
|
|
31
30
|
hash: 7
|
|
32
31
|
segments:
|
|
33
|
-
- 2
|
|
34
32
|
- 0
|
|
35
|
-
-
|
|
36
|
-
version:
|
|
33
|
+
- 6
|
|
34
|
+
version: "0.6"
|
|
37
35
|
type: :development
|
|
38
36
|
version_requirements: *id001
|
|
39
37
|
- !ruby/object:Gem::Dependency
|
|
40
|
-
name:
|
|
38
|
+
name: rake-compiler
|
|
41
39
|
prerelease: false
|
|
42
40
|
requirement: &id002 !ruby/object:Gem::Requirement
|
|
43
41
|
none: false
|
|
44
42
|
requirements:
|
|
45
43
|
- - ">="
|
|
46
44
|
- !ruby/object:Gem::Version
|
|
47
|
-
hash:
|
|
45
|
+
hash: 5
|
|
48
46
|
segments:
|
|
49
47
|
- 0
|
|
50
|
-
-
|
|
51
|
-
version: "0.
|
|
48
|
+
- 7
|
|
49
|
+
version: "0.7"
|
|
52
50
|
type: :development
|
|
53
51
|
version_requirements: *id002
|
|
54
52
|
- !ruby/object:Gem::Dependency
|
|
55
|
-
name:
|
|
53
|
+
name: hoe
|
|
56
54
|
prerelease: false
|
|
57
55
|
requirement: &id003 !ruby/object:Gem::Requirement
|
|
58
56
|
none: false
|
|
59
57
|
requirements:
|
|
60
|
-
- -
|
|
58
|
+
- - ~>
|
|
61
59
|
- !ruby/object:Gem::Version
|
|
62
|
-
hash:
|
|
60
|
+
hash: 27
|
|
63
61
|
segments:
|
|
64
|
-
-
|
|
65
|
-
-
|
|
66
|
-
version: "
|
|
62
|
+
- 2
|
|
63
|
+
- 12
|
|
64
|
+
version: "2.12"
|
|
67
65
|
type: :development
|
|
68
66
|
version_requirements: *id003
|
|
69
67
|
- !ruby/object:Gem::Dependency
|
|
70
|
-
name:
|
|
68
|
+
name: rdoc
|
|
71
69
|
prerelease: false
|
|
72
70
|
requirement: &id004 !ruby/object:Gem::Requirement
|
|
73
71
|
none: false
|
|
74
72
|
requirements:
|
|
75
|
-
- -
|
|
73
|
+
- - ~>
|
|
76
74
|
- !ruby/object:Gem::Version
|
|
77
75
|
hash: 19
|
|
78
76
|
segments:
|
|
79
|
-
-
|
|
80
|
-
-
|
|
81
|
-
|
|
82
|
-
version: 2.7.0
|
|
77
|
+
- 3
|
|
78
|
+
- 10
|
|
79
|
+
version: "3.10"
|
|
83
80
|
type: :development
|
|
84
81
|
version_requirements: *id004
|
|
85
82
|
description: "This module allows Ruby programs to interface with \"RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki)\"."
|
|
@@ -94,10 +91,12 @@ extensions: []
|
|
|
94
91
|
extra_rdoc_files:
|
|
95
92
|
- History.txt
|
|
96
93
|
- Manifest.txt
|
|
94
|
+
- pkcs11_protect_server/Manifest.txt
|
|
97
95
|
- README.rdoc
|
|
98
96
|
- ext/pk11.c
|
|
99
97
|
files:
|
|
100
98
|
- .autotest
|
|
99
|
+
- .gemtest
|
|
101
100
|
- .yardopts
|
|
102
101
|
- History.txt
|
|
103
102
|
- MIT-LICENSE
|
|
@@ -120,6 +119,7 @@ files:
|
|
|
120
119
|
- ext/pk11_const.c
|
|
121
120
|
- ext/pk11_const_macros.h
|
|
122
121
|
- ext/pk11_struct_macros.h
|
|
122
|
+
- ext/pk11_version.h
|
|
123
123
|
- lib/pkcs11.rb
|
|
124
124
|
- lib/pkcs11/extensions.rb
|
|
125
125
|
- lib/pkcs11/helper.rb
|
|
@@ -127,8 +127,6 @@ files:
|
|
|
127
127
|
- lib/pkcs11/object.rb
|
|
128
128
|
- lib/pkcs11/session.rb
|
|
129
129
|
- lib/pkcs11/slot.rb
|
|
130
|
-
- sample/firefox_certs.rb
|
|
131
|
-
- sample/nssckbi.rb
|
|
132
130
|
- test/fixtures/softokn/cert8.db
|
|
133
131
|
- test/fixtures/softokn/key3.db
|
|
134
132
|
- test/fixtures/softokn/secmod.db
|
|
@@ -143,11 +141,12 @@ files:
|
|
|
143
141
|
- ext/pk11_struct_impl.inc
|
|
144
142
|
- ext/pk11_struct_def.inc
|
|
145
143
|
- ext/pk11_const_def.inc
|
|
144
|
+
- ext/pk11_struct.doc
|
|
146
145
|
- ext/pk11_thread_funcs.h
|
|
147
146
|
- ext/pk11_thread_funcs.c
|
|
147
|
+
- pkcs11_protect_server/Manifest.txt
|
|
148
148
|
- lib/1.8/pkcs11_ext.so
|
|
149
149
|
- lib/1.9/pkcs11_ext.so
|
|
150
|
-
has_rdoc: true
|
|
151
150
|
homepage: http://github.com/larskanis/pkcs11
|
|
152
151
|
licenses: []
|
|
153
152
|
|
|
@@ -178,15 +177,15 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
178
177
|
requirements: []
|
|
179
178
|
|
|
180
179
|
rubyforge_project: pkcs11
|
|
181
|
-
rubygems_version: 1.
|
|
180
|
+
rubygems_version: 1.8.11
|
|
182
181
|
signing_key:
|
|
183
182
|
specification_version: 3
|
|
184
183
|
summary: PKCS#11 binding for Ruby
|
|
185
184
|
test_files:
|
|
186
|
-
- test/test_pkcs11_object.rb
|
|
187
|
-
- test/test_pkcs11_structs.rb
|
|
188
185
|
- test/test_pkcs11_thread.rb
|
|
186
|
+
- test/test_pkcs11_structs.rb
|
|
189
187
|
- test/test_pkcs11_session.rb
|
|
190
188
|
- test/test_pkcs11_slot.rb
|
|
191
|
-
- test/test_pkcs11_crypt.rb
|
|
192
189
|
- test/test_pkcs11.rb
|
|
190
|
+
- test/test_pkcs11_crypt.rb
|
|
191
|
+
- test/test_pkcs11_object.rb
|
data/sample/firefox_certs.rb
DELETED
|
@@ -1,90 +0,0 @@
|
|
|
1
|
-
require "pkcs11"
|
|
2
|
-
require "openssl"
|
|
3
|
-
|
|
4
|
-
LIBSOFTOKEN3_SO = "libsoftokn3.so"
|
|
5
|
-
LIBNSS_PATHS = %w(
|
|
6
|
-
/usr/lib64 /usr/lib/ /usr/lib64/nss /usr/lib/nss
|
|
7
|
-
)
|
|
8
|
-
unless so_path = ARGV.shift
|
|
9
|
-
paths = LIBNSS_PATHS.collect{|path| File.join(path, LIBSOFTOKEN3_SO) }
|
|
10
|
-
so_path = paths.find{|path| File.exist?(path) }
|
|
11
|
-
end
|
|
12
|
-
|
|
13
|
-
dir = Dir.glob(File.expand_path("~/.mozilla/firefox/*.default")).first
|
|
14
|
-
NSS_INIT_ARGS = [
|
|
15
|
-
"configDir='#{dir}'",
|
|
16
|
-
"secmod='secmod.db'",
|
|
17
|
-
"flags='readOnly'",
|
|
18
|
-
]
|
|
19
|
-
|
|
20
|
-
args = PKCS11::CK_C_INITIALIZE_ARGS.new
|
|
21
|
-
args.flags = 0
|
|
22
|
-
args.pReserved = NSS_INIT_ARGS.join(" ")
|
|
23
|
-
|
|
24
|
-
pk11 = PKCS11.new(so_path, args)
|
|
25
|
-
info = pk11.C_GetInfo
|
|
26
|
-
p [
|
|
27
|
-
info.cryptokiVersion, info.manufacturerID, info.flags,
|
|
28
|
-
info.libraryDescription, info.libraryVersion
|
|
29
|
-
]
|
|
30
|
-
|
|
31
|
-
slots = pk11.C_GetSlotList(false)
|
|
32
|
-
p slots
|
|
33
|
-
|
|
34
|
-
slot = 2
|
|
35
|
-
sinfo = pk11.C_GetSlotInfo(slot)
|
|
36
|
-
p [
|
|
37
|
-
sinfo.slotDescription, sinfo.manufacturerID, sinfo.flags,
|
|
38
|
-
sinfo.hardwareVersion, sinfo.firmwareVersion
|
|
39
|
-
]
|
|
40
|
-
mechanisms = pk11.C_GetMechanismList(slot)
|
|
41
|
-
mechanisms.each do |m|
|
|
42
|
-
p PKCS11::MECHANISMS[m] || m
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
flags = PKCS11::CKF_SERIAL_SESSION | PKCS11::CKF_RW_SESSION
|
|
46
|
-
session = pk11.C_OpenSession(slot, flags)
|
|
47
|
-
p [:session, session]
|
|
48
|
-
pk11.C_Login(session, PKCS11::CKU_USER, "")
|
|
49
|
-
|
|
50
|
-
find_template = [
|
|
51
|
-
PKCS11::CK_ATTRIBUTE.new(PKCS11::CKA_CLASS, PKCS11::CKO_CERTIFICATE),
|
|
52
|
-
]
|
|
53
|
-
p pk11.C_FindObjectsInit(session, find_template)
|
|
54
|
-
objs = pk11.C_FindObjects(session, 128)
|
|
55
|
-
objs.each do |handle|
|
|
56
|
-
template = [
|
|
57
|
-
PKCS11::CK_ATTRIBUTE.new(PKCS11::CKA_SUBJECT, nil),
|
|
58
|
-
]
|
|
59
|
-
attrs = pk11.C_GetAttributeValue(session, handle, template)
|
|
60
|
-
attrs.each do |attr|
|
|
61
|
-
p OpenSSL::X509::Name.new(attr.value)
|
|
62
|
-
end
|
|
63
|
-
end
|
|
64
|
-
objs = pk11.C_FindObjectsFinal(session)
|
|
65
|
-
|
|
66
|
-
find_template = [
|
|
67
|
-
PKCS11::CK_ATTRIBUTE.new(PKCS11::CKA_CLASS, PKCS11::CKO_PRIVATE_KEY),
|
|
68
|
-
PKCS11::CK_ATTRIBUTE.new(PKCS11::CKA_KEY_TYPE, PKCS11::CKK_RSA),
|
|
69
|
-
]
|
|
70
|
-
p pk11.C_FindObjectsInit(session, find_template)
|
|
71
|
-
objs = pk11.C_FindObjects(session, 128)
|
|
72
|
-
objs.each do |handle|
|
|
73
|
-
template = [
|
|
74
|
-
PKCS11::CK_ATTRIBUTE.new(PKCS11::CKA_CLASS, nil),
|
|
75
|
-
PKCS11::CK_ATTRIBUTE.new(PKCS11::CKA_KEY_TYPE, nil),
|
|
76
|
-
PKCS11::CK_ATTRIBUTE.new(PKCS11::CKA_ID, nil),
|
|
77
|
-
PKCS11::CK_ATTRIBUTE.new(PKCS11::CKA_SIGN, nil),
|
|
78
|
-
PKCS11::CK_ATTRIBUTE.new(PKCS11::CKA_SIGN_RECOVER, nil),
|
|
79
|
-
PKCS11::CK_ATTRIBUTE.new(PKCS11::CKA_DECRYPT, nil),
|
|
80
|
-
PKCS11::CK_ATTRIBUTE.new(PKCS11::CKA_EXTRACTABLE, nil),
|
|
81
|
-
]
|
|
82
|
-
attrs = pk11.C_GetAttributeValue(session, handle, template)
|
|
83
|
-
attrs.each do |attr|
|
|
84
|
-
p [PKCS11::ATTRIBUTES[attr.type], attr.value]
|
|
85
|
-
end
|
|
86
|
-
end
|
|
87
|
-
objs = pk11.C_FindObjectsFinal(session)
|
|
88
|
-
|
|
89
|
-
pk11.C_Logout(session)
|
|
90
|
-
pk11.C_CloseSession(session)
|
data/sample/nssckbi.rb
DELETED
|
@@ -1,51 +0,0 @@
|
|
|
1
|
-
require "pkcs11"
|
|
2
|
-
require "openssl"
|
|
3
|
-
|
|
4
|
-
LIBNSSCKBI_SO = "libnssckbi.so"
|
|
5
|
-
LIBNSS_PATHS = %w(
|
|
6
|
-
/usr/lib64 /usr/lib /usr/lib64/nss /usr/lib/nss
|
|
7
|
-
/usr/lib64/xulrunner /usr/lib/xulrunner
|
|
8
|
-
/usr/local/lib64/xulrunner /usr/local/lib/xulrunner
|
|
9
|
-
)
|
|
10
|
-
unless so_name = ARGV[0]
|
|
11
|
-
paths = LIBNSS_PATHS.collect{|path| File.join(path, LIBNSSCKBI_SO) }
|
|
12
|
-
so_name = paths.find{|path| File.exist?(path) }
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
pkcs11 = PKCS11.new(so_name)
|
|
16
|
-
slot = pkcs11.C_GetSlotList(true).first
|
|
17
|
-
session = pkcs11.C_OpenSession(slot, PKCS11::CKF_SERIAL_SESSION)
|
|
18
|
-
|
|
19
|
-
pkcs11.C_FindObjectsInit(session, [
|
|
20
|
-
PKCS11::CK_ATTRIBUTE.new(PKCS11::CKA_CLASS, PKCS11::CKO_CERTIFICATE)
|
|
21
|
-
])
|
|
22
|
-
handles = pkcs11.C_FindObjects(session, 1000)
|
|
23
|
-
pkcs11.C_FindObjectsFinal(session)
|
|
24
|
-
|
|
25
|
-
attribute_types = [
|
|
26
|
-
PKCS11::CKA_CLASS,
|
|
27
|
-
PKCS11::CKA_TOKEN, PKCS11::CKA_PRIVATE, PKCS11::CKA_MODIFIABLE,
|
|
28
|
-
PKCS11::CKA_LABEL, PKCS11::CKA_CERTIFICATE_TYPE,
|
|
29
|
-
PKCS11::CKA_SUBJECT, PKCS11::CKA_ID, PKCS11::CKA_ISSUER,
|
|
30
|
-
PKCS11::CKA_SERIAL_NUMBER, PKCS11::CKA_VALUE,
|
|
31
|
-
]
|
|
32
|
-
template = attribute_types.collect{|a| PKCS11::CK_ATTRIBUTE.new(a, nil) }
|
|
33
|
-
handles.each do |handle|
|
|
34
|
-
attributes = pkcs11.C_GetAttributeValue(session, handle, template)
|
|
35
|
-
attributes.each do |attribute|
|
|
36
|
-
type_name = PKCS11::ATTRIBUTES[attribute.type]
|
|
37
|
-
case attribute.type
|
|
38
|
-
when PKCS11::CKA_LABEL
|
|
39
|
-
p [type_name, attribute.value]
|
|
40
|
-
when PKCS11::CKA_SUBJECT, PKCS11::CKA_ISSUER
|
|
41
|
-
p [type_name, OpenSSL::X509::Name.new(attribute.value)]
|
|
42
|
-
when PKCS11::CKA_SERIAL_NUMBER
|
|
43
|
-
serial = OpenSSL::ASN1.decode(attribute.value).value rescue nil
|
|
44
|
-
attribute.value.unpack("w").first
|
|
45
|
-
p [type_name, serial]
|
|
46
|
-
when PKCS11::CKA_VALUE
|
|
47
|
-
cert = OpenSSL::X509::Certificate.new(attribute.value)
|
|
48
|
-
p [cert.serial, cert.not_before, cert.not_after]
|
|
49
|
-
end
|
|
50
|
-
end
|
|
51
|
-
end
|