pkcs11 0.2.2 → 0.2.3

data/History.txt

@@ -1,3 +1,9 @@
+=== 0.2.3 / 2012-01-25
+
+* fix C_WaitForSlotEvent to be a Library- instead of a Slot-method
+* allow :sw/:hsm to ProtectServer::Library#load_library in the same way as #initialize
+* allow Hash argument to Library#C_Initialize in the same way as #initialize
+
 === 0.2.2 / 2011-12-12
 
 * add ability to change PKCS11 base methods in order to use vendor defined attributes, return codes and mechanisms

data/Rakefile

@@ -36,6 +36,7 @@ hoe = Hoe.spec 'pkcs11' do
   spec_extras[:files] = File.read_utf("Manifest.txt").split(/\r?\n\r?/).reject{|f| f=~/^pkcs11_/ }
   spec_extras[:files] += GENERATED_FILES
   spec_extras[:has_rdoc] = 'yard'
+  self.rdoc_locations << "larskanis@rack.rubyforge.org:/var/www/gforge-projects/pkcs11/pkcs11/"
 end
 
 ENV['RUBY_CC_VERSION'] ||= '1.8.7:1.9.2'

data/ext/pk11.c

@@ -244,9 +244,9 @@ pkcs11_initialize(int argc, VALUE *argv, VALUE self)
 
   rb_scan_args(argc, argv, "02", &path, &init_args);
   if( !NIL_P(path) ){
-    pkcs11_load_library(self, path);
-    pkcs11_C_GetFunctionList(self);
-    pkcs11_C_Initialize(1, &init_args, self);
+    rb_funcall(self, rb_intern("load_library"), 1, path);
+    rb_funcall(self, rb_intern("C_GetFunctionList"), 0);
+    rb_funcall2(self, rb_intern("C_Initialize"), 1, &init_args);
   }
 
   return self;

data/ext/pk11_version.h

@@ -1,6 +1,6 @@
 #ifndef RUBY_PK11_VERSION_H
 #define RUBY_PK11_VERSION_H
 
-static const char *VERSION = "0.2.2";
+static const char *VERSION = "0.2.3";
 
 #endif

data/lib/pkcs11/library.rb

@@ -35,6 +35,11 @@ module PKCS11
     #   pkcs11.C_GetFunctionList
     #   pkcs11.C_Initialize(args)
     def initialize(so_path=nil, args={})
+      unwrapped_initialize(so_path, args)
+    end
+
+    alias unwrapped_C_Initialize C_Initialize
+    def C_Initialize(args=nil)
       case args
         when Hash
           pargs = CK_C_INITIALIZE_ARGS.new
@@ -42,7 +47,7 @@ module PKCS11
         else
           pargs = args
       end
-      unwrapped_initialize(so_path, pargs)
+      unwrapped_C_Initialize(pargs)
     end
 
     alias unwrapped_C_GetInfo C_GetInfo
@@ -81,6 +86,20 @@ module PKCS11
       slots(false)
     end
 
+    alias unwrapped_C_WaitForSlotEvent C_WaitForSlotEvent
+
+    # Waits for a slot event, such as token insertion or token removal, to occur.
+    #
+    # @param [Integer] flags  determines whether or not the C_WaitForSlotEvent call blocks (i.e., waits
+    #    for a slot event to occur);
+    #    At present, the only flag defined for use in the flags argument is PKCS11::CKF_DONT_BLOCK
+    # @return [Slot, nil] the slot that the event occurred in; nil if no event occured (CKR_NO_EVENT)
+    def C_WaitForSlotEvent(flags=0)
+      slot = unwrapped_C_WaitForSlotEvent(flags)
+      slot ? Slot.new(self, slot) : nil
+    end
+    alias wait_for_slot_event C_WaitForSlotEvent
+
     # Finalize and unload the library. If not called explicit, the library is freed by the GC.
     def close
       self.C_Finalize

data/lib/pkcs11/slot.rb

@@ -29,22 +29,13 @@ module PKCS11
       @pk.C_GetSlotInfo(@slot)
     end
     alias info C_GetSlotInfo
-    
+
     # Obtains information about a particular token in the system.
     # @return [PKCS11::CK_TOKEN_INFO]
     def C_GetTokenInfo
       @pk.C_GetTokenInfo(@slot)
     end
     alias token_info C_GetTokenInfo
-    
-    # Waits for a slot event, such as token insertion or token removal, to
-    # occur.
-    # @param flags determines whether or not the C_WaitForSlotEvent call blocks (i.e., waits
-    #   for a slot event to occur);
-    def C_WaitForSlotEvent(flags)
-      @pk.C_WaitForSlotEvent(@slot, flags)
-    end
-    alias wait_for_event C_WaitForSlotEvent
 
     # C_GetMechanismList is used to obtain a list of mechanism types supported by a token.
     # @return [Array<PKCS11::CKM_*>]
@@ -75,7 +66,7 @@ module PKCS11
       self
     end
     alias init_token C_InitToken
-    
+
     # Opens a Session between an application and a token in a particular slot.
     #
     # @param [Integer] flags  indicates the type of session. Default is read-only,
@@ -99,7 +90,7 @@ module PKCS11
       end
     end
     alias open C_OpenSession
-    
+
     # Closes all sessions an application has with a token.
     # @return [PKCS11::Slot]
     def C_CloseAllSessions

data/test/test_pkcs11.rb

@@ -3,31 +3,34 @@ require "pkcs11"
 require "test/helper"
 
 class TestPkcs11 < Test::Unit::TestCase
-  def setup
+  attr_reader :pk
+
+  def open
     @pk = open_softokn
   end
 
-  def teardown
+  def close
     @pk.close
     @pk = nil
     GC.start
   end
 
-  def pk
-    @pk
-  end
-
   def test_info
+    open
     info = pk.info
     assert info.inspect =~ /cryptokiVersion=/, 'There should be a version in the library info'
+    close
   end
 
   def test_slots
+    open
     slots = pk.active_slots
     assert slots.length>=1, 'Hope there is at least one active slot'
+    close
   end
 
   def test_close
+    open
     pk.close
     pk.unload_library
     assert_raise(PKCS11::Error){ pk.info }
@@ -43,5 +46,26 @@ class TestPkcs11 < Test::Unit::TestCase
     pk.C_Initialize(pargs)
 
     pk.info
+    close
+  end
+
+  def test_C_Initialize_with_Hash
+    pk = PKCS11.open
+    pk.load_library(find_softokn)
+    pk.C_GetFunctionList
+    pk.C_Initialize(:flags=>0, :pReserved=>softokn_params_string)
+    pk.info
+    pk.close
+  end
+
+  def test_wait_for_slot_event
+    open
+    # Softokn's C_WaitForSlotEvent() currently raises PKCS11::CKR_FUNCTION_NOT_SUPPORTED.
+    # So just check, that the call goes to softokn at all.
+    begin
+      pk.wait_for_slot_event
+    rescue PKCS11::Error
+    end
+    close
   end
 end

data/test/test_pkcs11_crypt.rb

@@ -19,7 +19,7 @@ class TestPkcs11Crypt < Test::Unit::TestCase
     @slot = slots.last
     @session = slot.open
 #     session.login(:USER, "")
-    
+
     @rsa_pub_key = session.find_objects(:CLASS => CKO_PUBLIC_KEY,
                         :KEY_TYPE => CKK_RSA).first
     @rsa_priv_key = session.find_objects(:CLASS => CKO_PRIVATE_KEY,
@@ -47,7 +47,7 @@ class TestPkcs11Crypt < Test::Unit::TestCase
     cryptogram = session.encrypt( :RSA_PKCS, rsa_pub_key, plaintext1)
     assert cryptogram.length>10, 'The cryptogram should contain some data'
     assert_not_equal cryptogram, plaintext1, 'The cryptogram should be different to plaintext'
-    
+
     plaintext2 = session.decrypt( :RSA_PKCS, rsa_priv_key, cryptogram)
     assert_equal plaintext1, plaintext2, 'Decrypted plaintext should be the same'
   end
@@ -57,14 +57,14 @@ class TestPkcs11Crypt < Test::Unit::TestCase
     cryptogram = session.encrypt( {:DES3_CBC_PAD=>"\0"*8}, secret_key, plaintext1)
     assert_equal 16, cryptogram.length, 'The cryptogram should contain some data'
     assert_not_equal cryptogram, plaintext1, 'The cryptogram should be different to plaintext'
-    
+
     cryptogram2 = ''
     cryptogram2 << session.encrypt( {:DES3_CBC_PAD=>"\0"*8}, secret_key ) do |cipher|
       cryptogram2 << cipher.update(plaintext1[0, 8])
       cryptogram2 << cipher.update(plaintext1[8..-1])
     end
     assert_equal cryptogram, cryptogram2, "Encrypt with and w/o block should be lead to the same result"
-    
+
     plaintext2 = session.decrypt( {:DES3_CBC_PAD=>"\0"*8}, secret_key, cryptogram)
     assert_equal plaintext1, plaintext2, 'Decrypted plaintext should be the same'
   end
@@ -82,7 +82,7 @@ class TestPkcs11Crypt < Test::Unit::TestCase
 
     valid = session.verify( :SHA1_RSA_PKCS, rsa_pub_key, signature, plaintext)
     assert  valid, 'The signature should be correct'
-    
+
     assert_raise(CKR_SIGNATURE_INVALID, 'The signature should be invalid on different text') do
       session.verify( :SHA1_RSA_PKCS, rsa_pub_key, signature, "modified text")
     end
@@ -150,7 +150,7 @@ class TestPkcs11Crypt < Test::Unit::TestCase
       {:ENCRYPT=>true, :WRAP=>true, :DECRYPT=>true, :UNWRAP=>true, :TOKEN=>false, :LOCAL=>true})
     assert_equal true, key[:LOCAL], 'Keys created on the token should be marked as local'
     assert_equal CKK_DES2, key[:KEY_TYPE], 'Should be a 2 key 3des key'
-		
+
 		# other ways to use mechanisms
     key = session.generate_key(CKM_DES2_KEY_GEN,
       {:ENCRYPT=>true, :WRAP=>true, :DECRYPT=>true, :UNWRAP=>true, :TOKEN=>false, :LOCAL=>true})
@@ -165,7 +165,7 @@ class TestPkcs11Crypt < Test::Unit::TestCase
       {:ENCRYPT=>true, :VERIFY=>true, :WRAP=>true, :MODULUS_BITS=>768, :PUBLIC_EXPONENT=>[3].pack("N"), :TOKEN=>false},
       {:PRIVATE=>true, :SUBJECT=>'test', :ID=>[123].pack("n"),
        :SENSITIVE=>true, :DECRYPT=>true, :SIGN=>true, :UNWRAP=>true, :TOKEN=>false, :LOCAL=>true})
-    
+
     assert_equal true, priv_key[:LOCAL], 'Private keys created on the token should be marked as local'
     assert_equal priv_key[:CLASS], CKO_PRIVATE_KEY
     assert_equal pub_key[:CLASS], CKO_PUBLIC_KEY
@@ -183,7 +183,7 @@ class TestPkcs11Crypt < Test::Unit::TestCase
 
     # Derive secret DES key for side 1 with OpenSSL
     new_key1 = key1.compute_key(OpenSSL::BN.new pub_key2[:VALUE], 2)
-    
+
     # Derive secret DES key for side 2 with softokn3
     new_key2 = session.derive_key( {:DH_PKCS_DERIVE=>key1.pub_key.to_s(2)}, priv_key2,
       :CLASS=>CKO_SECRET_KEY, :KEY_TYPE=>CKK_AES, :VALUE_LEN=>16, :ENCRYPT=>true, :DECRYPT=>true, :SENSITIVE=>false )

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: pkcs11
 version: !ruby/object:Gem::Version 
-  hash: 19
+  hash: 17
   prerelease: 
   segments: 
   - 0
   - 2
-  - 2
-  version: 0.2.2
+  - 3
+  version: 0.2.3
 platform: ruby
 authors: 
 - Ryosuke Kutsuna
@@ -17,7 +17,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-12-12 00:00:00 Z
+date: 2012-01-25 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: yard
@@ -50,33 +50,33 @@ dependencies:
   type: :development
   version_requirements: *id002
 - !ruby/object:Gem::Dependency 
-  name: hoe
+  name: rdoc
   prerelease: false
   requirement: &id003 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 27
+        hash: 19
         segments: 
-        - 2
-        - 12
-        version: "2.12"
+        - 3
+        - 10
+        version: "3.10"
   type: :development
   version_requirements: *id003
 - !ruby/object:Gem::Dependency 
-  name: rdoc
+  name: hoe
   prerelease: false
   requirement: &id004 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 19
+        hash: 27
         segments: 
-        - 3
-        - 10
-        version: "3.10"
+        - 2
+        - 12
+        version: "2.12"
   type: :development
   version_requirements: *id004
 description: "This module allows Ruby programs to interface with \"RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki)\"."
@@ -175,15 +175,15 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: pkcs11
-rubygems_version: 1.8.11
+rubygems_version: 1.8.6
 signing_key: 
 specification_version: 3
 summary: PKCS#11 binding for Ruby
 test_files: 
+- test/test_pkcs11_object.rb
 - test/test_pkcs11_thread.rb
-- test/test_pkcs11_structs.rb
-- test/test_pkcs11_session.rb
-- test/test_pkcs11_slot.rb
 - test/test_pkcs11.rb
+- test/test_pkcs11_slot.rb
+- test/test_pkcs11_session.rb
+- test/test_pkcs11_structs.rb
 - test/test_pkcs11_crypt.rb
-- test/test_pkcs11_object.rb