pkcs11 0.2.4-x64-mingw32

data/ext/pk11_version.h

@@ -0,0 +1,6 @@
+#ifndef RUBY_PK11_VERSION_H
+#define RUBY_PK11_VERSION_H
+
+static const char *VERSION = "0.2.4";
+
+#endif

data/lib/pkcs11.rb

@@ -0,0 +1,9 @@
+#!/usr/bin/env ruby
+
+# Extend the search path for Windows binary gem, depending of the current ruby version
+major_minor = RUBY_VERSION[ /^(\d+\.\d+)/ ] or
+  raise "Oops, can't extract the major/minor version from #{RUBY_VERSION.dump}"
+$: << File.join(File.dirname(__FILE__), major_minor)
+
+require 'pkcs11_ext'
+require 'pkcs11/extensions'

data/lib/pkcs11/extensions.rb

@@ -0,0 +1,68 @@
+require 'pkcs11/library'
+require 'pkcs11/slot'
+require 'pkcs11/session'
+require 'pkcs11/object'
+
+# Ruby connector to PKCS#11 libraries.
+#
+# This library allowes to use PKCS#11 librarys in Ruby MRI.
+#
+# @example
+#   pkcs11 = PKCS11.open("/path/to/pkcs11.so")
+#   slot = pkcs11.active_slots.first
+#   p slot.info
+#   session = slot.open(PKCS11::CKF_SERIAL_SESSION|PKCS11::CKF_RW_SESSION)
+#   session.login(:USER, "1234")
+#   # ... crypto operations
+#   session.logout
+#   session.close
+#
+# See unit tests in the <tt>test</tt> directory for further examples of the usage.
+module PKCS11
+
+  class << self
+    # Open a PKCS#11 library file.
+    alias new open
+  end
+
+  # Base class of all PKCS#11 structs.
+  class CStruct
+    # @return [Array<String>] attribute names
+    def values
+      members.inject([]){|a,v| a << send(v) }
+    end
+    # @return [Hash] with attribute names and current values
+    def to_hash
+      members.inject({}){|h,v| h[v.intern] = send(v); h }
+    end
+    def inspect
+      "#<#{self.class} #{to_hash.map{|k,v| "#{k}=#{v.inspect}"}.join(", ") }>"
+    end
+  end
+
+  # Struct to hold an attribute type and it's value.
+  #
+  # @see PKCS11::Object
+  class CK_ATTRIBUTE
+    # @return [Array<String>] attribute names
+    def members
+      ['type', 'value']
+    end
+    # @return [Array<String, Boolean, Integer>] attribute values
+    def values
+      members.inject([]){|a,v| a << send(v) }
+    end
+    # @return [Hash] with attribute names and current values
+    def to_hash
+      members.inject({}){|h,v| h[v.intern] = send(v); h }
+    end
+    # Get the constant name as String of the given value.
+    # @return [String, nil]  Returns <tt>nil</tt> if value is unknown
+    def to_s
+      ATTRIBUTES[type]
+    end
+    def inspect
+      "#<#{self.class} #{ to_s ? "#{to_s} (#{type})" : type} value=#{value.inspect}>"
+    end
+  end
+end

data/lib/pkcs11/helper.rb

@@ -0,0 +1,144 @@
+module PKCS11
+  # Some functions internaly used to make the API more convenient.
+  # @private
+  module Helper  # :nodoc:
+    private
+
+    MechanismParameters = {
+      CKM_RSA_PKCS_OAEP => CK_RSA_PKCS_OAEP_PARAMS,
+      CKM_RSA_PKCS_PSS => CK_RSA_PKCS_PSS_PARAMS,
+      CKM_SHA1_RSA_PKCS_PSS => CK_RSA_PKCS_PSS_PARAMS,
+      CKM_SHA256_RSA_PKCS_PSS => CK_RSA_PKCS_PSS_PARAMS,
+      CKM_SHA384_RSA_PKCS_PSS => CK_RSA_PKCS_PSS_PARAMS,
+      CKM_SHA512_RSA_PKCS_PSS => CK_RSA_PKCS_PSS_PARAMS,
+      CKM_ECDH1_DERIVE => CK_ECDH1_DERIVE_PARAMS,
+      CKM_ECDH1_COFACTOR_DERIVE => CK_ECDH1_DERIVE_PARAMS,
+      CKM_ECMQV_DERIVE => CK_ECMQV_DERIVE_PARAMS,
+      CKM_X9_42_DH_DERIVE => CK_X9_42_DH1_DERIVE_PARAMS,
+# 			CKM_X9_42_MQV_DERIVE => CK_X9_42_DH2_DERIVE_PARAMS,
+      CKM_X9_42_DH_HYBRID_DERIVE => CK_X9_42_DH2_DERIVE_PARAMS,
+      CKM_X9_42_MQV_DERIVE => CK_X9_42_MQV_DERIVE_PARAMS,
+      CKM_KEA_KEY_DERIVE => CK_KEA_DERIVE_PARAMS,
+      CKM_RC2_CBC => CK_RC2_CBC_PARAMS,
+      CKM_RC2_CBC_PAD => CK_RC2_CBC_PARAMS,
+      CKM_RC2_MAC_GENERAL => CK_RC2_MAC_GENERAL_PARAMS,
+      CKM_RC5_MAC => CK_RC5_PARAMS,
+      CKM_RC5_ECB => CK_RC5_PARAMS,
+      CKM_RC5_CBC => CK_RC5_CBC_PARAMS,
+      CKM_RC5_CBC_PAD => CK_RC5_CBC_PARAMS,
+      CKM_RC5_MAC_GENERAL => CK_RC5_MAC_GENERAL_PARAMS,
+
+      CKM_SKIPJACK_PRIVATE_WRAP => CK_SKIPJACK_PRIVATE_WRAP_PARAMS,
+      CKM_SKIPJACK_RELAYX => CK_SKIPJACK_RELAYX_PARAMS,
+      CKM_PBE_MD2_DES_CBC => CK_PBE_PARAMS,
+      CKM_PBE_MD5_DES_CBC => CK_PBE_PARAMS,
+      CKM_PBE_MD5_CAST_CBC => CK_PBE_PARAMS,
+      CKM_PBE_MD5_CAST3_CBC => CK_PBE_PARAMS,
+      CKM_PBE_MD5_CAST5_CBC => CK_PBE_PARAMS,
+      CKM_PBE_MD5_CAST128_CBC => CK_PBE_PARAMS,
+      CKM_PBE_SHA1_CAST5_CBC => CK_PBE_PARAMS,
+      CKM_PBE_SHA1_CAST128_CBC => CK_PBE_PARAMS,
+      CKM_PBE_SHA1_RC4_128 => CK_PBE_PARAMS,
+      CKM_PBE_SHA1_RC4_40 => CK_PBE_PARAMS,
+      CKM_PBE_SHA1_DES3_EDE_CBC => CK_PBE_PARAMS,
+      CKM_PBE_SHA1_DES2_EDE_CBC => CK_PBE_PARAMS,
+      CKM_PBE_SHA1_RC2_128_CBC => CK_PBE_PARAMS,
+      CKM_PBE_SHA1_RC2_40_CBC => CK_PBE_PARAMS,
+      CKM_PBA_SHA1_WITH_SHA1_HMAC => CK_PBE_PARAMS,
+      CKM_PKCS5_PBKD2 => CK_PKCS5_PBKD2_PARAMS,
+      CKM_KEY_WRAP_SET_OAEP => CK_KEY_WRAP_SET_OAEP_PARAMS,
+      CKM_SSL3_MASTER_KEY_DERIVE => CK_SSL3_RANDOM_DATA,
+      CKM_SSL3_KEY_AND_MAC_DERIVE => CK_SSL3_RANDOM_DATA,
+      CKM_SSL3_MASTER_KEY_DERIVE => CK_SSL3_MASTER_KEY_DERIVE_PARAMS,
+      CKM_SSL3_KEY_AND_MAC_DERIVE => CK_SSL3_KEY_MAT_OUT,
+      CKM_SSL3_KEY_AND_MAC_DERIVE => CK_SSL3_KEY_MAT_PARAMS,
+      CKM_TLS_MASTER_KEY_DERIVE => CK_SSL3_MASTER_KEY_DERIVE_PARAMS,
+      CKM_TLS_PRF => CK_TLS_PRF_PARAMS,
+      CKM_WTLS_MASTER_KEY_DERIVE => CK_WTLS_RANDOM_DATA,
+      CKM_WTLS_MASTER_KEY_DERIVE => CK_WTLS_MASTER_KEY_DERIVE_PARAMS,
+      CKM_WTLS_PRF => CK_WTLS_PRF_PARAMS,
+      CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE => CK_WTLS_KEY_MAT_PARAMS,
+      CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE => CK_WTLS_KEY_MAT_PARAMS,
+      CKM_CMS_SIG => CK_CMS_SIG_PARAMS,
+
+      CKM_DES_ECB_ENCRYPT_DATA => CK_KEY_DERIVATION_STRING_DATA,
+      CKM_DES_CBC_ENCRYPT_DATA => CK_DES_CBC_ENCRYPT_DATA_PARAMS,
+      CKM_DES3_ECB_ENCRYPT_DATA => CK_KEY_DERIVATION_STRING_DATA,
+      CKM_DES3_CBC_ENCRYPT_DATA => CK_DES_CBC_ENCRYPT_DATA_PARAMS,
+      CKM_AES_ECB_ENCRYPT_DATA => CK_KEY_DERIVATION_STRING_DATA,
+      CKM_AES_CBC_ENCRYPT_DATA => CK_AES_CBC_ENCRYPT_DATA_PARAMS,
+      CKM_CONCATENATE_BASE_AND_DATA => CK_KEY_DERIVATION_STRING_DATA,
+      CKM_CONCATENATE_DATA_AND_BASE => CK_KEY_DERIVATION_STRING_DATA,
+      CKM_XOR_BASE_AND_DATA => CK_KEY_DERIVATION_STRING_DATA,
+
+      CKM_ARIA_ECB_ENCRYPT_DATA => CK_KEY_DERIVATION_STRING_DATA,
+      CKM_ARIA_CBC_ENCRYPT_DATA => CK_ARIA_CBC_ENCRYPT_DATA_PARAMS,
+
+      CKM_SSL3_PRE_MASTER_KEY_GEN => CK_VERSION,
+      CKM_TLS_PRE_MASTER_KEY_GEN => CK_VERSION,
+=begin
+      # for PKCS#11 v2.30
+      CKM_SEED_ECB_ENCRYPT_DATA => CK_KEY_DERIVATION_STRING_DATA,
+      CKM_SEED_CBC_ENCRYPT_DATA => CK_CBC_ENCRYPT_DATA_PARAMS,
+      CKM_GOSTR3410_KEY_WRAP => CK_GOSTR3410_KEY_WRAP_PARAMS,
+      CKM_GOSTR3410_DERIVE => CK_GOSTR3410_DERIVE_PARAMS,
+      CKM_GOSTR3410_KEY_WRAP => CK_GOSTR3410_KEY_WRAP_PARAMS,
+=end
+    }
+
+    def to_attributes(template)
+      case template
+        when Array
+          template.map{|v| @pk.vendor_class_CK_ATTRIBUTE.new(string_to_handle('CKA_', v), nil) }
+        when Hash
+          template.map{|k,v| @pk.vendor_class_CK_ATTRIBUTE.new(string_to_handle('CKA_', k), v) }
+        when String, Symbol
+          [@pk.vendor_class_CK_ATTRIBUTE.new(string_to_handle('CKA_', template), nil)]
+        when Integer
+          [@pk.vendor_class_CK_ATTRIBUTE.new(template, nil)]
+        else
+          template
+      end
+    end
+
+    def string_to_handle(prefix, attribute) # :nodoc:
+      case attribute
+        when String, Symbol
+          @pk.vendor_const_get("#{prefix}#{attribute}")
+        else
+          attribute
+      end
+    end
+
+    def to_mechanism(mechanism) # :nodoc:
+      case mechanism
+        when String, Symbol
+          PKCS11::CK_MECHANISM.new(string_to_handle('CKM_', mechanism))
+        when Hash
+          raise "only one mechanism allowed" unless mechanism.length==1
+
+          mech = string_to_handle('CKM_', mechanism.keys.first)
+          param = mechanism.values.first
+          case param
+          when Hash
+            param_class = @pk.vendor_mechanism_parameter_struct(mech)
+            raise ArgumentError, "unknown mechanism - please use String/Int/Struct as mechanism parameter" unless param_class
+
+            pa = param_class.new
+            param.each do |k, v|
+              pa.send "#{k}=", v
+            end
+            param = pa
+          end
+
+          PKCS11::CK_MECHANISM.new(mech, param)
+        when Fixnum
+          PKCS11::CK_MECHANISM.new(mechanism)
+        when Bignum
+          PKCS11::CK_MECHANISM.new(mechanism)
+        else
+          mechanism
+      end
+    end
+  end
+end

data/lib/pkcs11/library.rb

@@ -0,0 +1,140 @@
+module PKCS11
+  # A Library instance holds a handle to the opened PKCS#11 - dll or so file.
+  #
+  # == Low layer API
+  # The API of the binding consists of a lower layer, which
+  # is near to the PKCS#11 C interface, and a higher layer, which
+  # is more Ruby like and more comfortable. The low layer is currently
+  # not explicitly documented and is not recommented to use.
+  #
+  # All low layer PKCS#11 functions can be called on the {PKCS11::Library} object.
+  # Example for starting a session:
+  #   pkcs11 = PKCS11.open("/path/to/pkcs11.so")
+  #   slot = pkcs11.C_GetSlotList(true).first
+  #   session = pkcs11.C_OpenSession(slot, PKCS11::CKF_SERIAL_SESSION | PKCS11::CKF_RW_SESSION)
+  #   pkcs11.C_Login(session, PKCS11::CKU_USER, "password")
+  #
+  # The same on the high layer:
+  #   pkcs11 = PKCS11.open("/path/to/pkcs11.so")
+  #   session = pkcs11.active_slots.first.open
+  #   session.login(:USER, "password")
+  class Library
+    # @private
+    alias unwrapped_initialize initialize # :nodoc:
+
+    # Load and initialize a pkcs11 dynamic library.
+    #
+    # @param [String, nil] so_path  Path to the *.so or *.dll file to load.
+    # @param [Hash, CK_C_INITIALIZE_ARGS] args  A Hash or CK_C_INITIALIZE_ARGS instance with load params.
+    #
+    # If so_path is +nil+ no library is loaded or initialized.
+    # In this case the calls to {#load_library}, {#C_GetFunctionList} and
+    # {#C_Initialize} have to be done manually, before using other methods:
+    #   pkcs11 = PKCS11::Library.new
+    #   pkcs11.load_library(so_path)
+    #   pkcs11.C_GetFunctionList
+    #   pkcs11.C_Initialize(args)
+    def initialize(so_path=nil, args={})
+      unwrapped_initialize(so_path, args)
+    end
+
+    alias unwrapped_C_Initialize C_Initialize
+    # Initialize a pkcs11 dynamic library.
+    #
+    # @param [Hash, CK_C_INITIALIZE_ARGS] args  A Hash or CK_C_INITIALIZE_ARGS instance with load params.
+    def C_Initialize(args=nil)
+      case args
+        when Hash
+          pargs = CK_C_INITIALIZE_ARGS.new
+          args.each{|k,v| pargs.send("#{k}=", v) }
+        else
+          pargs = args
+      end
+      unwrapped_C_Initialize(pargs)
+    end
+
+    alias unwrapped_C_GetInfo C_GetInfo
+    # Returns general information about Cryptoki.
+    # @return [CK_INFO]
+    def C_GetInfo
+      unwrapped_C_GetInfo
+    end
+    alias info C_GetInfo
+
+    alias unwrapped_C_GetSlotList C_GetSlotList
+
+    # Obtain an array of Slot objects in the system.
+    #
+    # @param [true, false] tokenPresent  indicates whether the list
+    #    obtained includes only those slots with a token present (true), or
+    #    all slots (false);
+    # @return [Array<Slot>]
+    def C_GetSlotList(tokenPresent=false)
+      slots = unwrapped_C_GetSlotList(tokenPresent)
+      slots.map{|slot|
+        Slot.new self, slot
+      }
+    end
+    alias slots C_GetSlotList
+
+    # Obtain an array of Slot objects in the system with a token present.
+    # @return [Array<Slot>]
+    def active_slots
+      slots(true)
+    end
+
+    # Obtain an array of Slot objects in the system regardless if a token is present.
+    # @return [Array<Slot>]
+    def all_slots
+      slots(false)
+    end
+
+    alias unwrapped_C_WaitForSlotEvent C_WaitForSlotEvent
+
+    # Waits for a slot event, such as token insertion or token removal, to occur.
+    #
+    # @param [Integer] flags  determines whether or not the C_WaitForSlotEvent call blocks (i.e., waits
+    #    for a slot event to occur);
+    #    At present, the only flag defined for use in the flags argument is PKCS11::CKF_DONT_BLOCK
+    # @return [Slot, nil] the slot that the event occurred in; nil if no event occured (CKR_NO_EVENT)
+    def C_WaitForSlotEvent(flags=0)
+      slot = unwrapped_C_WaitForSlotEvent(flags)
+      slot ? Slot.new(self, slot) : nil
+    end
+    alias wait_for_slot_event C_WaitForSlotEvent
+
+    # Finalize and unload the library. If not called explicit, the library is freed by the GC.
+    def close
+      self.C_Finalize
+      self.unload_library
+    end
+
+    # Return the value of a named constant. Used for CKA_* and CKM_* .
+    # This method could be overloaded for vendor specific extensions.
+    #
+    # @param [String] name Name of the constant
+    # @return [Integer] Value of the constant
+    def vendor_const_get(name)
+      PKCS11.const_get(name)
+    end
+
+    # Return an array of all known CKA_* attributes as String.
+    # This method could be overloaded for vendor specific extensions.
+    def vendor_all_attribute_names
+      return ATTRIBUTES.values
+    end
+
+    # Return the parameter struct of a given mechanism.
+    # This method could be overloaded for vendor specific extensions.
+    #
+    # @param [Integer] mech Mechanism
+    # @return [PKCS11::CStruct] appropriate class as parameter for the mechanism
+    def vendor_mechanism_parameter_struct(mech)
+      Helper::MechanismParameters[mech]
+    end
+
+    private :unwrapped_initialize
+    private :unwrapped_C_GetSlotList
+    private :unwrapped_C_GetInfo
+  end
+end

data/lib/pkcs11/object.rb

@@ -0,0 +1,171 @@
+require 'pkcs11/helper'
+
+module PKCS11
+  # Cryptoki's logical view of a token is a device that stores objects and can perform
+  # cryptographic functions. Cryptoki defines three classes of object: data, certificates, and
+  # keys.
+  #
+  # Attributes are characteristics that distinguish an instance of an object.
+  class Object
+    include Helper
+
+    # @private
+    def initialize(pkcs11, session, object) # :nodoc:
+      @pk, @sess, @obj = pkcs11, session, object
+    end
+
+    # The object handle.
+    # @return [Integer]
+    def to_int
+      @obj
+    end
+    alias to_i to_int
+
+    # @private
+    def inspect # :nodoc:
+      "#<#{self.class} #{@obj.inspect}>"
+    end
+
+    # Get the value of one or several attributes of the object.
+    #
+    # @param [String, Symbol, Integer, Array] attribute can be String or Symbol
+    #             of the attribute(s) constant or the attribute(s) number as Integer.
+    #
+    # @return [String, Integer, Boolean, Array, nil] the attribute value as String,
+    #   Integer or true/false depending on the attribute type.
+    #   If called with more than one parameter or with an Array, a Array
+    #   of attribute values is returned.
+    # Unknown attributes (out of PKCS#11 v2.2) are not converted to adequate
+    # ruby objects but returned as String.
+    # That is true/false will be returned as "\\001" respectively "\\000".
+    #
+    # @example
+    #     object[:VALUE] # => "\000\000\000\000\000\000\000\000"
+    #     object[:MODULUS_BITS] # => 768
+    #     object[:MODULUS_BITS, :LABEL] # => [1024, "MyKey"]
+    #
+    # See PKCS#11 for attribute definitions.
+    def [](*attributes)
+      attrs = C_GetAttributeValue( attributes.flatten )
+      if attrs.length>1 || attributes.first.kind_of?(Array)
+        attrs.map(&:value)
+      else
+        attrs.first.value unless attrs.empty?
+      end
+    end
+
+    # Modifies the value of one or several attributes of the object.
+    #
+    # @param [String, Symbol, Integer] attribute  can be String or Symbol of the attribute constant
+    #             or the attribute value as Integer.
+    # @param [String, Integer, Boolean, Array, nil] value  value(s) the attribute(s) will be set to.
+    #
+    # Following value conversations are done from Ruby to C:
+    #   true   -> 0x01
+    #   false  -> 0x00
+    #   nil    -> NULL pointer
+    #   Fixnum -> binary encoded unsigned long
+    #
+    # @example
+    #     object[:VALUE] = "\000\000\000\000\000\000\000\000"
+    #     object[:MODULUS_BITS] = 768
+    #     object[:MODULUS_BITS, :LABEL] = 1024, 'MyKey'
+    #
+    # See PKCS#11 for attribute definitions.
+    # @return value
+    def []=(*attributes)
+      values = attributes.pop
+      values = [values] unless values.kind_of?(Array)
+      raise ArgumentError, "different number of attributes to set (#{attributes.length}) and given values (#{values.length})" unless attributes.length == values.length
+      map = values.each.with_index.inject({}){|s, v| s[attributes[v[1]]] = v[0]; s }
+      C_SetAttributeValue( map )
+    end
+
+    # Modifies the value of one or more attributes of the object in a single call.
+    #
+    # @example
+    #   object.attributes = {:SUBJECT => cert_subject, PKCS11::CKA_VALUE => cert_data}
+    # @return template
+    def C_SetAttributeValue(template={})
+      @pk.C_SetAttributeValue(@sess, @obj, to_attributes(template))
+      template
+    end
+    alias attributes= C_SetAttributeValue
+
+    # Obtains the value of one or more attributes of the object in a single call.
+    #
+    # @param [Array<String, Symbol, Integer>, Hash, String, Integer] attribute attribute names
+    #    whose values should be returned
+    #
+    # Without params all known attributes are tried to read from the Object.
+    # This is significant slower then naming the needed attributes and should
+    # be used for debug purposes only.
+    #
+    # @return [Array<PKCS11::CK_ATTRIBUTE>] Requested attributes with values.
+    #
+    # @example
+    #   certificate.attributes :VALUE, :CLASS
+    #    => [#<PKCS11::CK_ATTRIBUTE CKA_VALUE (17) value="0\x82...">, #<PKCS11::CK_ATTRIBUTE CKA_CLASS (0) value=1>]
+    def C_GetAttributeValue(*template)
+      case template.length
+        when 0
+          return @pk.vendor_all_attribute_names.map{|attr|
+            begin
+              attributes(@pk.vendor_const_get(attr))
+            rescue PKCS11::Error
+            end
+          }.flatten.compact
+        when 1
+          template = template[0]
+      end
+      template = to_attributes template
+      @pk.C_GetAttributeValue(@sess, @obj, template)
+    end
+    alias attributes C_GetAttributeValue
+
+    # Copies an object, creating a new object for the copy.
+    #
+    # @param [Hash] template
+    #
+    # The template may specify new values for any attributes of the object that can ordinarily
+    # be modified (e.g., in the course of copying a secret key, a key's CKA_EXTRACTABLE
+    # attribute may be changed from true to false, but not the other way around.
+    # If this change is made, the new key's CKA_NEVER_EXTRACTABLE attribute will
+    # have the value false. Similarly, the template may specify that the new key's
+    # CKA_SENSITIVE attribute be true; the new key will have the same value for its
+    # CKA_ALWAYS_SENSITIVE attribute as the original key). It may also specify new
+    # values of the CKA_TOKEN and CKA_PRIVATE attributes (e.g., to copy a session
+    # object to a token object). If the template specifies a value of an attribute which is
+    # incompatible with other existing attributes of the object, the call fails with exception
+    # CKR_TEMPLATE_INCONSISTENT.
+    #
+    # Only session objects can be created during a read-only session. Only public objects can
+    # be created unless the normal user is logged in.
+    #
+    # @return [PKCS11::Object] the newly created object
+    def C_CopyObject(template={})
+      handle = @pk.C_CopyObject(@sess, @obj, to_attributes(template))
+      Object.new @pk, @sess, handle
+    end
+    alias copy C_CopyObject
+
+    # Destroys the object.
+    #
+    # Only session objects can be destroyed during a read-only session. Only public objects
+    # can be destroyed unless the normal user is logged in.
+    # @return [PKCS11::Object]
+    def C_DestroyObject()
+      @pk.C_DestroyObject(@sess, @obj)
+      self
+    end
+    alias destroy C_DestroyObject
+
+    # Gets the size of an object in bytes.
+    # @return [Integer]
+    def C_GetObjectSize()
+      @pk.C_GetObjectSize(@sess, @obj)
+    end
+    alias size C_GetObjectSize
+
+  end
+end