RubyGems - pkcs11 - Versions diffs - 0.2.4-x64-mingw32 - Mend

pkcs11 0.2.4-x64-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (55) hide show

data.tar.gz.sig +0 -0
data/.autotest +23 -0
data/.gemtest +0 -0
data/.yardopts +1 -0
data/History.txt +57 -0
data/MIT-LICENSE +22 -0
data/Manifest.txt +57 -0
data/README.rdoc +205 -0
data/Rakefile +111 -0
data/ext/extconf.rb +7 -0
data/ext/generate_constants.rb +57 -0
data/ext/generate_structs.rb +206 -0
data/ext/generate_thread_funcs.rb +72 -0
data/ext/include/cryptoki.h +66 -0
data/ext/include/ct-kip.h +50 -0
data/ext/include/otp-pkcs11.h +125 -0
data/ext/include/pkcs-11v2-20a3.h +124 -0
data/ext/include/pkcs11.h +299 -0
data/ext/include/pkcs11f.h +912 -0
data/ext/include/pkcs11t.h +1885 -0
data/ext/pk11.c +1675 -0
data/ext/pk11.h +81 -0
data/ext/pk11_const.c +205 -0
data/ext/pk11_const_def.inc +452 -0
data/ext/pk11_const_macros.h +38 -0
data/ext/pk11_struct.doc +792 -0
data/ext/pk11_struct_def.inc +302 -0
data/ext/pk11_struct_impl.inc +302 -0
data/ext/pk11_struct_macros.h +435 -0
data/ext/pk11_thread_funcs.c +411 -0
data/ext/pk11_thread_funcs.h +482 -0
data/ext/pk11_version.h +6 -0
data/lib/2.0/pkcs11_ext.so +0 -0
data/lib/pkcs11.rb +9 -0
data/lib/pkcs11/extensions.rb +68 -0
data/lib/pkcs11/helper.rb +144 -0
data/lib/pkcs11/library.rb +140 -0
data/lib/pkcs11/object.rb +171 -0
data/lib/pkcs11/session.rb +765 -0
data/lib/pkcs11/slot.rb +102 -0
data/pkcs11_protect_server/Manifest.txt +14 -0
data/pkcs11_protect_server/README_PROTECT_SERVER.rdoc +89 -0
data/test/fixtures/softokn/cert8.db +0 -0
data/test/fixtures/softokn/key3.db +0 -0
data/test/fixtures/softokn/secmod.db +0 -0
data/test/helper.rb +58 -0
data/test/test_pkcs11.rb +71 -0
data/test/test_pkcs11_crypt.rb +220 -0
data/test/test_pkcs11_object.rb +122 -0
data/test/test_pkcs11_session.rb +123 -0
data/test/test_pkcs11_slot.rb +78 -0
data/test/test_pkcs11_structs.rb +166 -0
data/test/test_pkcs11_thread.rb +44 -0
metadata +213 -0
metadata.gz.sig +0 -0

data/test/test_pkcs11_object.rb ADDED

@@ -0,0 +1,122 @@
+require "test/unit"
+require "pkcs11"
+require "test/helper"
+class TestPkcs11Object < Test::Unit::TestCase
+  include PKCS11
+  attr_reader :slots
+  attr_reader :slot
+  attr_reader :session
+  attr_reader :object
+  def setup
+    $pkcs11 ||= open_softokn
+    @slots = pk.active_slots
+    @slot = slots.last
+    flags = CKF_SERIAL_SESSION #| CKF_RW_SESSION
+    @session = slot.C_OpenSession(flags)
+#     @session.login(:USER, "")
+    # Create session object for tests.
+    @object = session.create_object(
+      :CLASS=>CKO_DATA,
+      :TOKEN=>false,
+      :APPLICATION=>'My Application',
+      :VALUE=>'value')
+  end
+  def teardown
+#     @session.logout
+    @session.close
+  end
+  def pk
+    $pkcs11
+  end
+  def test_attributes
+    assert_equal 1, object.attributes(:VALUE).length, 'There should be one resulting attribute'
+    assert_equal CK_ATTRIBUTE, object.attributes(:VALUE).first.class, 'Resulting attribute should be type CK_ATTRIBUTE'
+    assert_equal CKO_DATA, object.attributes(:CLASS).first.value, 'Resulting attribute should be Integer value CKO_DATA'
+    assert_equal 3, object.attributes(:VALUE, :TOKEN, :PRIVATE).length, 'An object should have some attributes'
+    assert_equal 3, object.attributes([:VALUE, :TOKEN, :APPLICATION]).length, 'Another way to retieve attributes'
+    assert_equal 2, object.attributes(:VALUE=>nil, :TOKEN=>nil).length, 'Third way to retieve attributes'
+    # The C language way to retrieve the attribute values:
+    template = [
+      CK_ATTRIBUTE.new(CKA_VALUE, nil),
+    ]
+    attrs = pk.C_GetAttributeValue(session, object, template)
+    attrs.each do |attr|
+      assert attr.value, 'There should be a value to the object'
+    end
+    assert object.attributes.length>=4, 'There should be at least the 4 stored attributes readable'
+    assert_not_nil object.attributes.find{|a| a.type==CKA_CLASS}, 'CKA_CLASS should be returned for Object#attributes'
+  end
+  def test_accessor
+    assert_equal 'value', object[:VALUE], "Value should be readable"
+    assert_equal CKO_DATA, object[:CLASS], "Class should be readable"
+    assert_equal ['value', CKO_DATA], object[:VALUE, :CLASS], "multiple values should be readable"
+    assert_equal ['value', CKO_DATA], object[[:VALUE, :CLASS]], "multiple values should be readable"
+    assert_equal [], object[[]], "multiple values should be readable"
+  end
+  def test_attribute
+    attr = object.attributes(:CLASS).first
+    assert attr.inspect =~ /CLASS/, 'The attribute should tell about it\'s type'
+    assert attr.inspect =~ /#{CKO_DATA}/, 'The attribute should tell about it\'s type'
+  end
+  def test_set_attribute
+    object[:VALUE] = 'value2'
+    assert_equal 'value2', object[:VALUE], "Value should have changed"
+    object[:VALUE] = ['value3']
+    assert_equal 'value3', object[:VALUE], "Value should have changed"
+  end
+  def test_set_attributes
+    object.attributes = {:VALUE => 'value4', PKCS11::CKA_APPLICATION => 'app4'}
+    assert_equal 'value4', object[:VALUE], "Value should have changed"
+    assert_equal 'app4', object[:APPLICATION], "App should have changed"
+    object[:VALUE, PKCS11::CKA_APPLICATION] = 'value5', 'app5'
+    assert_equal 'value5', object[:VALUE], "Value should have changed"
+    assert_equal 'app5', object[:APPLICATION], "App should have changed"
+    assert_raise(ArgumentError) do
+      object[:VALUE, PKCS11::CKA_APPLICATION, :CLASS] = 'value5', 'app5'
+    end
+    assert_nothing_raised{ object[] = [] }
+  end
+  def test_size
+    assert object.size, 'There should be an object size'
+  end
+  def test_copy_without_params
+    new_obj = object.copy
+    new_obj[:APPLICATION] = 'Copied object'
+    assert_equal 'Copied object', new_obj[:APPLICATION], "Application should be changed"
+    assert_equal 'My Application', object[:APPLICATION], "Original object should be unchanged"
+  end
+  def test_copy_with_params
+    new_obj = object.copy :APPLICATION=>'Copied object'
+    assert_equal 'value', new_obj[:VALUE], "Value should be copied"
+    assert_equal 'Copied object', new_obj[:APPLICATION], "Application should be changed"
+    assert_equal 'My Application', object[:APPLICATION], "Original object should be unchanged"
+  end
+  def test_destroy
+    object.destroy
+    assert_raise(CKR_OBJECT_HANDLE_INVALID, 'destroyed object shouldn\'t have any attributes') do
+      object[:VALUE]
+    end
+  end
+end

data/test/test_pkcs11_session.rb ADDED

@@ -0,0 +1,123 @@
+require "test/unit"
+require "pkcs11"
+require "test/helper"
+require "openssl"
+class TestPkcs11Session < Test::Unit::TestCase
+  include PKCS11
+  attr_reader :slots
+  attr_reader :slot
+  attr_reader :session
+  TestCert_ID = "\230Z\275=\2614\236\337\fY\017Y\346\202\212\v\025\335\0239"
+  def setup
+    $pkcs11 ||= open_softokn
+    @slots = pk.active_slots
+    @slot = slots.last
+    flags = CKF_SERIAL_SESSION #| CKF_RW_SESSION
+    @session = slot.C_OpenSession(flags)
+#     @session.login(:USER, "")
+  end
+  def teardown
+#     @session.logout
+    @session.close
+  end
+  def pk
+    $pkcs11
+  end
+  def test_find_objects
+    obj = session.find_objects(:CLASS => CKO_CERTIFICATE)
+    assert obj.length>2, 'There should be some certificates in the test database'
+    assert_equal PKCS11::Object, obj.first.class, 'Retuned objects should be class Object'
+    session.find_objects(:CLASS => CKO_CERTIFICATE) do |obj2|
+      assert obj2[:SUBJECT], 'A certificate should have a subject'
+      assert OpenSSL::X509::Name.new(obj2[:SUBJECT]).to_s =~ /\/CN=/i, 'Every certificate should have a CN in the subject'
+    end
+  end
+  def test_random
+    session.seed_random('some entropy')
+    rnd1 = session.generate_random(13)
+    assert_equal rnd1.length, 13, 'expected length'
+    rnd2 = session.generate_random(13)
+    assert_equal rnd2.length, 13, 'expected length'
+    assert_not_equal rnd1, rnd2, 'Two random blocks should be different'
+  end
+  def test_session_info
+    info = session.info
+    assert info.inspect =~ /flags=/, 'Session info should have a flag attribute'
+  end
+  def test_create_data_object
+    obj = session.create_object(
+      :CLASS=>CKO_DATA,
+      :TOKEN=>false,
+      :APPLICATION=>'My Application',
+      :VALUE=>'value')
+  end
+  def test_create_certificate_object
+    obj1 = session.find_objects(:CLASS => CKO_CERTIFICATE, :ID=>TestCert_ID).first
+    obj = session.create_object(
+      :CLASS=>CKO_CERTIFICATE,
+      :SUBJECT=>obj1[:SUBJECT],
+      :TOKEN=>false,
+      :LABEL=>'test_create_object',
+      :CERTIFICATE_TYPE=>CKC_X_509,
+      :ISSUER=>obj1[:ISSUER],
+      :VALUE=>obj1[:VALUE],
+      :SERIAL_NUMBER=>'12345'
+    )
+    assert_equal '12345', obj[:SERIAL_NUMBER], 'Value as created'
+  end
+  def test_create_public_key_object
+    rsa = OpenSSL::PKey::RSA.generate(512)
+    obj = session.create_object(
+      :CLASS=>CKO_PUBLIC_KEY,
+      :KEY_TYPE=>CKK_RSA,
+      :TOKEN=>false,
+      :MODULUS=>rsa.n.to_s(2),
+      :PUBLIC_EXPONENT=>rsa.e.to_s(2),
+      :LABEL=>'test_create_public_key_object')
+    assert_equal 'test_create_public_key_object', obj[:LABEL], 'Value as created'
+  end
+  def test_get_set_operation_state
+    plaintext = "secret text"
+    # Start a digest operation
+    session.C_DigestInit(:SHA_1)
+    session.C_DigestUpdate(plaintext[0..3])
+    # Save the current state and close the session
+    state = session.get_operation_state
+    @session.close
+    assert state.length >= 4, 'There should be at least some bytes for the first part of plaintext in the state'
+    # Open a new session and restore the previous state
+    @session = @slot.open
+    session.login(:USER, "")
+    session.set_operation_state(state)
+    # Finish the digest
+    session.C_DigestUpdate(plaintext[4..-1])
+    digest1 = session.C_DigestFinal
+    digest2 = OpenSSL::Digest::SHA1.new(plaintext).digest
+    assert_equal digest2, digest1, 'Digests should be equal'
+  end
+end

data/test/test_pkcs11_slot.rb ADDED

@@ -0,0 +1,78 @@
+require "test/unit"
+require "pkcs11"
+require "test/helper"
+class TestPkcs11Slot < Test::Unit::TestCase
+  include PKCS11
+  attr_reader :slots
+  attr_reader :slot
+  def setup
+    $pkcs11 ||= open_softokn
+    @slots = pk.active_slots
+    @slot = slots.last
+  end
+  def teardown
+  end
+  def pk
+    $pkcs11
+  end
+  def test_info
+    sinfo = slot.info
+    assert sinfo.inspect =~ /manufacturerID=/, 'Slot info should tell about manufacturerID'
+    assert_equal Fixnum, sinfo.flags.class
+    assert sinfo.manufacturerID =~ /Mozilla/i, "It's the mozilla libaray we test against"
+    assert sinfo.slotDescription =~ /Private Key/i, "It's the slot with users private keys"
+    assert_equal Fixnum, sinfo.hardwareVersion.major.class, "Version should be a number"
+    assert_equal Fixnum, sinfo.hardwareVersion.minor.class, "Version should be a number"
+    assert_equal Fixnum, sinfo.firmwareVersion.major.class, "Version should be a number"
+    assert_equal Fixnum, sinfo.firmwareVersion.minor.class, "Version should be a number"
+  end
+  def test_token_info
+    ti = slot.token_info
+    assert ti.inspect =~ /serialNumber=/, 'Token info should contain a serialNumber'
+  end
+  def test_mechanisms
+    assert_equal false, slot.mechanisms.empty?, 'There should be some mechanisms'
+    slot.mechanisms.each do |m|
+      info = slot.mechanism_info(m)
+      assert_equal CK_MECHANISM_INFO, info.class, 'Mechanism info should get a CK_MECHANISM_INFO'
+      assert info.inspect =~ /ulMaxKeySize=/, 'Mechanism info should tell about max key size'
+    end
+  end
+  def test_mechanism_info
+    info1 = slot.mechanism_info(:DES3_CBC)
+    assert_equal CK_MECHANISM_INFO, info1.class, 'Mechanism info should get a CK_MECHANISM_INFO'
+    assert info1.inspect =~ /ulMinKeySize=/, 'Mechanism info should tell about min key size'
+    info2 = slot.mechanism_info(CKM_DES3_CBC)
+    assert_equal info1.to_hash, info2.to_hash, 'Mechanism infos should be equal'
+  end
+  def test_session
+    flags = CKF_SERIAL_SESSION #| CKF_RW_SESSION
+    session = slot.open(flags){|_session|
+      assert _session.info.inspect =~ /state=/, 'Session info should tell about it\'s state'
+    }
+    session = slot.open(flags)
+    assert session.info.inspect =~ /flags=/, 'Session info should tell about it\'s flags'
+    session.close
+  end
+  def test_session2
+    flags = CKF_SERIAL_SESSION #| CKF_RW_SESSION
+    session = slot.open(flags)
+    slot.close_all_sessions
+  end
+end

data/test/test_pkcs11_structs.rb ADDED

@@ -0,0 +1,166 @@
+require "test/unit"
+require "pkcs11"
+require "test/helper"
+class TestPkcs11Structs < Test::Unit::TestCase
+  include PKCS11
+  def setup
+  end
+  def teardown
+  end
+  def test_STRING_ACCESSOR
+    s = CK_DATE.new
+    assert_equal "\0\0", s.day
+    assert_equal "\0\0\0\0", s.year
+    s.day = "12345"
+    assert_equal "12", s.day
+    s.day = "9"
+    assert_equal "9\0", s.day
+    assert_raise(TypeError){ s.day = nil }
+  end
+  def test_ULONG_ACCESSOR
+    s = CK_SSL3_KEY_MAT_PARAMS.new
+    assert_equal 0, s.ulIVSizeInBits
+    s.ulIVSizeInBits = 1234567890
+    assert_equal 1234567890, s.ulIVSizeInBits
+    s.ulIVSizeInBits = 2345678901
+    assert_equal 2345678901, s.ulIVSizeInBits
+    assert_raise(TypeError){ s.ulIVSizeInBits = nil }
+  end
+  def test_BOOL_ACCESSOR
+    s = CK_SSL3_KEY_MAT_PARAMS.new
+    assert_equal false, s.bIsExport
+    s.bIsExport = true
+    assert_equal true, s.bIsExport
+    s.bIsExport = false
+    assert_equal false, s.bIsExport
+    assert_raise(ArgumentError){ s.bIsExport = nil }
+  end
+  def test_STRING_PTR_ACCESSOR
+    s = CK_WTLS_MASTER_KEY_DERIVE_PARAMS.new
+    assert_nil s.pVersion
+    s.pVersion = "1.2.3"
+    assert_equal "1.2.3", s.pVersion
+    s.pVersion = nil
+    assert_nil s.pVersion
+  end
+  def test_STRUCT_ACCESSOR
+    s = CK_SSL3_KEY_MAT_PARAMS.new
+    ri = s.RandomInfo
+    ro = s.RandomInfo
+    assert_nil ri.pClientRandom
+    assert_nil ro.pServerRandom
+    GC.start
+    ri.pServerRandom = 'serv'
+    ro.pClientRandom = 'client'
+    GC.start
+    assert_equal 'client', ri.pClientRandom
+    assert_equal 'serv', ro.pServerRandom
+    ro = CK_SSL3_RANDOM_DATA.new
+    ro.pClientRandom = 'clrnd'
+    s.RandomInfo = ro
+    assert_equal 'clrnd', ri.pClientRandom
+    assert_nil ri.pServerRandom
+    assert_raise(ArgumentError){ s.RandomInfo = nil }
+  end
+  def test_gc_STRUCT_ACCESSOR
+    ri = CK_SSL3_KEY_MAT_PARAMS.new.RandomInfo
+    ro = CK_SSL3_KEY_MAT_PARAMS.new.RandomInfo
+    ri.pServerRandom = 'serv'
+    ro.pServerRandom = '_serv'
+    GC.start
+    assert_equal '_serv', ro.pServerRandom
+    assert_equal 'serv', ri.pServerRandom
+    assert_nil ro.pClientRandom
+    assert_nil ri.pClientRandom
+  end
+  def test_STRING_PTR_LEN_ACCESSOR
+    s = CK_SSL3_RANDOM_DATA.new
+    assert_nil s.pServerRandom
+    GC.start
+    s.pServerRandom = 'serv'
+    s.pClientRandom = 'client'
+    GC.start
+    assert_equal 'client', s.pClientRandom
+    assert_equal 'serv', s.pServerRandom
+    GC.start
+    s.pServerRandom = nil
+    assert_nil s.pServerRandom
+  end
+  def test_STRUCT_PTR_ACCESSOR
+    s = CK_SSL3_KEY_MAT_PARAMS.new
+    assert_nil s.pReturnedKeyMaterial
+    ri = s.pReturnedKeyMaterial = CK_SSL3_KEY_MAT_OUT.new
+    assert_nil ri.pIVClient
+    ri.pIVClient = 'cli'
+    GC.start
+    assert_equal 'cli', ri.pIVClient
+    assert_equal 'cli', s.pReturnedKeyMaterial.pIVClient
+    s.pReturnedKeyMaterial = nil
+    assert_nil s.pReturnedKeyMaterial
+  end
+  def test_ULONG_PTR_ACCESSOR
+    s = CK_WTLS_PRF_PARAMS.new
+    assert_nil s.pulOutputLen
+    s.pulOutputLen = 123
+    GC.start
+    assert_equal 123, s.pulOutputLen
+    s.pulOutputLen = nil
+    assert_nil s.pulOutputLen
+  end
+  def test_STRUCT_ARRAY_ACCESSOR
+    s = CK_OTP_PARAMS.new
+    assert_equal [], s.pParams
+    s1 = CK_OTP_PARAM.new
+    s1.type = CK_OTP_VALUE
+    s1.pValue = "\0xyz"
+    s2 = CK_OTP_PARAM.new
+    s2.type = CK_OTP_PIN
+    s2.pValue = "1234"
+    s.pParams = [s1, s2]
+    assert_equal [s1.to_hash, s2.to_hash], s.pParams.map{|e| e.to_hash }
+    GC.start
+    assert_raise(ArgumentError){ s.pParams = [s1, s2, nil] }
+    assert_equal [s1.to_hash, s2.to_hash], s.pParams.map{|e| e.to_hash }
+    s.pParams = []
+    assert_equal [], s.pParams
+  end
+  def test_CStruct
+    s = CK_DATE.new
+    s.day, s.month, s.year = "31", "12", "2010"
+    assert s.inspect =~ /year="2010"/, 'There should be a year in CK_DATE'
+    assert_equal ["year", "month", "day"], s.members, 'CK_DATE should contain some attributes'
+    assert_equal ["2010", "12", "31"], s.values, 'values of CK_DATE'
+    assert_equal( {:day=>"31", :month=>"12", :year=>"2010"}, s.to_hash, 'CK_DATE as hash' )
+  end
+  def test_bignum_attribute
+    bignum = [-1].pack("l_").unpack("L_")[0]
+    attr = CK_ATTRIBUTE.new(CKA_KEY_TYPE, bignum)
+    assert_equal bignum, attr.value, "The bignum value should set"
+  end
+  def test_bignum_mechanism
+    bignum = [-1].pack("l_").unpack("L_")[0]
+    mech = CK_MECHANISM.new(bignum-1, bignum)
+    assert_equal bignum-1, mech.mechanism, "The bignum mechanism should set"
+    assert_equal [-1].pack("l_"), mech.pParameter, "The bignum parameter is retrieved as String"
+  end
+end