roostify-pkcs11 0.2.5

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 38f485d46433fe18d86d2b1d95f52900f5070bb0
+  data.tar.gz: 27d9b3cdb79b632e4d0f7f7f2f3953979742b52c
+SHA512:
+  metadata.gz: 0749ad1fd4561b42be42e97e4c8b32bdf8e61adee818a768baf67c604af4581c6b8b9e109e7b479d43a295bd31cec33153bf6cbfbbc6c4560bc2106ed5408726
+  data.tar.gz: b2d1c602558d77298319fbf6a3efcf0c4eb2b1fa5e203eac0967752420abfd0eb436e230e8a2d11e9644d07734e41481c9ac55ce93467e745b944c7a4c5d3a3b

data/.autotest

@@ -0,0 +1,23 @@
+# -*- ruby -*-
+
+require 'autotest/restart'
+
+# Autotest.add_hook :initialize do |at|
+#   at.extra_files << "../some/external/dependency.rb"
+#
+#   at.libs << ":../some/external"
+#
+#   at.add_exception 'vendor'
+#
+#   at.add_mapping(/dependency.rb/) do |f, _|
+#     at.files_matching(/test_.*rb$/)
+#   end
+#
+#   %w(TestA TestB).each do |klass|
+#     at.extra_class_map[klass] = "test/test_misc.rb"
+#   end
+# end
+
+# Autotest.add_hook :run_command do |at|
+#   system "rake build"
+# end

data/.travis.yml

@@ -0,0 +1,10 @@
+language: ruby
+sudo: false
+rvm:
+  - "1.9.3"
+  - "2.2.0"
+  - rbx
+matrix:
+  allow_failures:
+    - rvm: rbx
+script: bundle exec rake compile test gem

data/.yardopts

@@ -0,0 +1 @@
+--title "PKCS#11/Ruby Interface" --no-private lib/**/*.rb ext/*.c ext/*.doc

data/Gemfile

@@ -0,0 +1,16 @@
+# -*- ruby -*-
+
+# DO NOT EDIT THIS FILE. Instead, edit Rakefile, and run `rake bundler:gemfile`.
+
+source "https://rubygems.org/"
+
+
+gem "rdoc", "~>4.0", :group => [:development, :test]
+gem "yard", ">=0.6", :group => [:development, :test]
+gem "rake-compiler", "~>0.9.2", :group => [:development, :test]
+gem "rake-compiler-dock", "~>0.4.3", :group => [:development, :test]
+gem "minitest", "~>5.7", :group => [:development, :test]
+gem "hoe-bundler", "~>1.0", :group => [:development, :test]
+gem "hoe", "~>3.13", :group => [:development, :test]
+
+# vim: syntax=ruby

data/History.txt

@@ -0,0 +1,62 @@
+=== 0.2.5 / 2015-01-26
+
+* Fix compatibility with Ruby-2.2
+* Add Ruby-2.1 and 2.2 to binary Windows gems.
+
+=== 0.2.4 / 2013-04-05
+
+* Build and package binary x64 version for Windows in addition to x86.
+* Allow to use big positive numbers (>0x80000000) in 32bit mode (Anton Fedorov)
+
+=== 0.2.3 / 2012-01-25
+
+* fix C_WaitForSlotEvent to be a Library- instead of a Slot-method
+* allow :sw/:hsm to ProtectServer::Library#load_library in the same way as #initialize
+* allow Hash argument to Library#C_Initialize in the same way as #initialize
+
+=== 0.2.2 / 2011-12-12
+
+* add ability to change PKCS11 base methods in order to use vendor defined attributes, return codes and mechanisms
+* restructured C code to avoid duplicated code in vendor extension gems
+* add gem pkcs11_protect_server to cover many ProtectServer specific extensions
+* update test/helper to find newer libsoftokn3
+* add task for generating combined docs of PKCS11 and PKCS11::ProtectServer
+* changed PKCS11#slots to return all slots of the device by default
+* add ability to set/get multiple attributes with Object#[] and Object#[]=
+
+=== 0.2.1 / 2011-04-21
+
+* add some more CK_ULONG and CK_BOOL attributes
+* add array of structs accessor used in CK_OTP_PARAMS
+* refactured inc-file generation
+* bit more documentation
+* bugfix: print CKR-values as unsigned long
+* bugfix: Slot#mechanism_info didn't work with Symbol
+
+
+=== 0.2.0 / 2011-01-18
+
+* switch API documentation to YARD instead of RDOC
+* add Ruby classes for all PKCS#11 structures
+* add CopyObject
+* add Get/SetOperationState
+* use distinct Exception classes for different error codes
+* PKCS#11 function calls don't block other ruby threads any more (only Ruby 1.9, Rubinius)
+* don't wrap mechanisms any more (GetMechanismList returns plain Integers now)
+* choose structs as mechanism parameter based on the given mechanism
+* autogenerate many constants from C header files
+* finer graded control over library loading
+* several bug fixes
+* more unit tests
+* more documentation
+
+
+=== 0.1.0 / 2010-05-03
+
+* first rubygem version
+* Most functions and operations of PKCS#11 v2.2 are implemented.
+* The library is based on the work of Ryosuke Kutsuna and GOTOU Yuuzou, but extended in the following ways:
+  - running on Unix and Windows OS
+  - downloadable as rubygem in source and win32 binary version
+  - new API, it's more ruby-like and well documented
+  - most functions are unit tested with help of softokn library

data/MIT-LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2008 Ryosuke Kutsuna <ryosuke@deer-n-horse.jp>
+Copyright (c) 2008 GOTOU Yuuzou <gotoyuzo@notwork.org>
+Copyright (c) 2010 Lars Kanis <kanis@comcard.de>
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,186 @@
+{<img src="https://travis-ci.org/larskanis/pkcs11.png?branch=master" alt="Build Status" />}[https://travis-ci.org/larskanis/pkcs11]
+{<img src="https://ci.appveyor.com/api/projects/status/8m7ugl1ogijw1c8c?svg=true" alt="Build Status" />}[https://ci.appveyor.com/project/larskanis/pkcs11]
+
+= PKCS #11/Ruby Interface
+
+* Homepage: http://github.com/larskanis/pkcs11
+* API documentation: http://rubydoc.info/gems/pkcs11/frames
+
+This module allows Ruby programs to interface with "RSA Security Inc.
+PKCS #11 Cryptographic Token Interface (Cryptoki)".
+PKCS #11 is the de-facto standard to access cryptographic devices.
+You must have a PKCS #11 v2.x implementation library installed in order to use this module. Tested implementations of PKCS#11 librarys include:
+* OpenSC[http://www.opensc-project.org] supported Smart Cards
+* Safenet[http://www.safenet-inc.com] - Protect Server and Luna HSMs
+* Mozilla_Soft_Token[https://developer.mozilla.org/en/PKCS11] which comes with every firefox installation
+
+This module works on Unix like operating systems and on Windows.
+
+== Installation
+
+  $ gem install pkcs11
+
+This installs the PKCS#11 extension either by compiling (Unix) or by using the precompiled gem for Windows.
+
+== Usage
+Cryptoki has a reputation to be complicated to implement and use.
+While this seems to be true for C, it shouldn't for Ruby.
+
+* {PKCS11.open} opens a PKCS#11 Unix *.so file or Windows-DLL with a suitable PKCS #11 implementation and returns a {PKCS11::Library}.
+* {PKCS11::Library#slots} returns a list of {PKCS11::Slot} for all slots accessable by the library.
+* {PKCS11::Slot#open} opens a {PKCS11::Session} which is used for object handling and cryptographic operations.
+* {PKCS11::Object} represents a key, data or certificate object.
+* all constants defined in PKCS#11 v2.40 are available in the module {PKCS11} and contain the associated Integer value (CKA_KEY_TYPE, CKK_AES, CKM_SHA_1 etc.)
+* also all PKCS#11 v2.40 structs are available in the module {PKCS11} as proper ruby classes ({PKCS11::CK_VERSION}, {PKCS11::CK_OTP_PARAMS} etc.)
+
+=== Example
+  require "rubygems"
+  require "pkcs11"
+  include PKCS11
+
+  pkcs11 = PKCS11.open("/path/to/pkcs11.so")
+  p pkcs11.info  # => #<PKCS11::CK_INFO cryptokiVersion=...>
+  pkcs11.active_slots.first.open do |session|
+    session.login(:USER, "1234")
+    secret_key = session.generate_key(:DES2_KEY_GEN,
+      :ENCRYPT=>true, :DECRYPT=>true, :SENSITIVE=>true, :TOKEN=>true, :LABEL=>'my key')
+    cryptogram = session.encrypt( {:DES3_CBC_PAD=>"\0"*8}, secret_key, "some plaintext")
+    session.logout
+  end
+
+This opens a {PKCS11::Library PKCS#11 library} and prints it's {PKCS11::CK_INFO information block}.
+Then a {PKCS11::Session} to the first {PKCS11::Library#active_slots active slot} of the device is opened and a {PKCS11::Session#login login} is done on the user account.
+Now, a 112 bit DES3 {PKCS11::Object key object} is generated and some plaintext is {PKCS11::Session#encrypt encrypted} with it.
+A 8-byte zero IV is used.
+In many cases method parameters can be Integer (like PKCS11::CKA_LABEL) or, as in the sample, Symbol (:LABEL) which is internally converted.
+
+Many more usage examples can be found in the unit tests of the <tt>test</tt> directory of the project or gem.
+
+Detail information for the API specification is provided by the OASIS PKCS 11 Technical Committee.
+Please refer the URL: https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=pkcs11
+
+Browsable HTML can be found at http://www.cryptsoft.com/pkcs11doc.
+
+=== Vendor extensions
+Some vendors extend their libraries beyond the standard, in it's own way.
+This can be used by vendor specific packages:
+* Safenet ProtectServer: {file:pkcs11_protect_server/README_PROTECT_SERVER.rdoc}
+* Safenet Luna: {file:pkcs11_luna/README_LUNA.rdoc}
+
+=== Threading
+
+The pkcs11 binding fully supports native, background Ruby threads.
+This of course only applies to Rubinius and Ruby 1.9 or higher since earlier versions of Ruby do not support native threads.
+
+According to the standard, calling the Cryptoki library from multiple threads simultaneously, requires to open it with flag PKCS11::CKF_OS_LOCKING_OK.
+Application-supplied synchronization primitives (CreateMutex, DestroyMutex, LockMutex, UnlockMutex) are not supported.
+
+
+== Compiling for Windows
+
+The pkcs11 source gem can be built on Windows (with help of the RubyInstaller's DevKit[http://rubyinstaller.org/add-ons/devkit/] ) .
+Use
+
+    $ gem install pkcs11 --platform=ruby
+
+for installation.
+In addition precompiled binary Windows gems are provided for convenience.
+They are installed by default on Windows.
+
+The binary Windows gems can be compiled per rake-compiler-dock[https://github.com/rake-compiler/rake-compiler-dock] :
+
+    $ rake gem:windows
+
+If everything works, there should be some files kind of pkcs11-VERSION-ARCH-mingw32.gem in the pkg directory for installation.
+
+
+== ToDo
+
+* encoding support for Ruby 1.9+
+* support for proprietary extensions of other vendors
+* full support for PKCS#11 v2.40
+
+== Development Status
+
+Any operation that is possible with PKCS#11 in C, should be likewise possible in Ruby.
+Otherwise it is considered as a bug in the binding.
+
+  STATE   FUNCTION               NOTE
+  ------  ---------------------  ----------------------------------------
+  DONE    C_Initialize
+  DONE    C_Finalize
+  DONE    C_GetInfo
+  DONE    C_GetFunctionList
+  DONE    C_GetSlotList
+  DONE    C_GetSlotInfo
+  DONE    C_GetTokenInfo
+  DONE    C_GetMechanismList
+  DONE    C_GetMechanismInfo
+  DONE    C_InitToken
+  DONE    C_InitPIN
+  DONE    C_SetPIN
+  DONE    C_OpenSession
+  DONE    C_CloseSession
+  DONE    C_CloseAllSessions
+  DONE    C_GetSessionInfo
+  DONE    C_GetOperationState
+  DONE    C_SetOperationState
+  DONE    C_Login
+  DONE    C_Logout
+  DONE    C_CreateObject
+  DONE    C_CopyObject
+  DONE    C_DestroyObject
+  DONE    C_GetObjectSize
+  DONE    C_GetAttributeValue
+  DONE    C_SetAttributeValue
+  DONE    C_FindObjectsInit
+  DONE    C_FindObjects
+  DONE    C_FindObjectsFinal
+  DONE    C_EncryptInit
+  DONE    C_Encrypt
+  DONE    C_EncryptUpdate
+  DONE    C_EncryptFinal
+  DONE    C_DecryptInit
+  DONE    C_Decrypt
+  DONE    C_DecryptUpdate
+  DONE    C_DecryptFinal
+  DONE    C_DigestInit
+  DONE    C_Digest
+  DONE    C_DigestUpdate
+  DONE    C_DigestKey
+  DONE    C_DigestFinal
+  DONE    C_SignInit
+  DONE    C_Sign
+  DONE    C_SignUpdate
+  DONE    C_SignFinal
+  DONE    C_SignRecoverInit
+  DONE    C_SignRecover
+  DONE    C_VerifyInit
+  DONE    C_Verify
+  DONE    C_VerifyUpdate
+  DONE    C_VerifyFinal
+  DONE    C_VerifyRecoverInit
+  DONE    C_VerifyRecover
+  DONE    C_DigestEncryptUpdate
+  DONE    C_DecryptDigestUpdate
+  DONE    C_SignEncryptUpdate
+  DONE    C_DecryptVerifyUpdate
+  DONE    C_GenerateKey
+  DONE    C_GenerateKeyPair
+  DONE    C_WrapKey
+  DONE    C_UnwrapKey
+  DONE    C_DeriveKey
+  DONE    C_SeedRandom
+  DONE    C_GenerateRandom
+  N/A     C_GetFunctionStatus    legacy function
+  N/A     C_CancelFunction       legacy function
+  DONE    C_WaitForSlotEvent
+
+== Authors
+* Ryosuke Kutsuna <ryosuke@deer-n-horse.jp>
+* GOTOU Yuuzou <gotoyuzo@notwork.org>
+* Lars Kanis <kanis@comcard.de>
+* Jonathan Patchell <jonathan.patchell@safenet-inc.com>
+
+== Copying
+See MIT-LICENSE included in the package.

data/Rakefile

@@ -0,0 +1,127 @@
+# -*- coding: utf-8 -*-
+# -*- ruby -*-
+
+require 'rubygems'
+require 'hoe'
+require 'rake/extensiontask'
+require 'rbconfig'
+
+GENERATED_FILES = [
+  'ext/pk11_struct_impl.inc',
+  'ext/pk11_struct_def.inc',
+  'ext/pk11_const_def.inc',
+  'ext/pk11_struct.doc',
+  'ext/pk11_thread_funcs.h',
+  'ext/pk11_thread_funcs.c',
+]
+
+CLEAN.include GENERATED_FILES
+CLEAN.include 'lib/pkcs11_ext.so'
+CLEAN.include 'tmp'
+
+Hoe.plugin :bundler
+
+# Build a Manifest file to satisfy hoe.
+IO.write("Manifest.txt", `git ls-files`)
+
+hoe = Hoe.spec 'roostify-pkcs11' do
+  developer('Ryosuke Kutsuna', 'ryosuke@deer-n-horse.jp')
+  developer('GOTOU Yuuzou', 'gotoyuzo@notwork.org')
+  developer('Lars Kanis', 'kanis@comcard.de')
+  developer('Zee Spencer', 'zee@roostify.com')
+  extra_dev_deps << ['yard', '>= 0.6']
+  extra_dev_deps << ['rake-compiler', '~> 0.9.2']
+  extra_dev_deps << ['rake-compiler-dock', '~> 0.4.3']
+  extra_dev_deps << ['minitest', '~> 5.7']
+  extra_dev_deps << ['hoe-bundler', '~> 1.0']
+
+  self.urls = ['http://github.com/roostify/pkcs11']
+  self.summary = 'PKCS#11 binding for Ruby'
+  self.description = 'This module allows Ruby programs to interface with "RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki)".'
+
+  self.readme_file = 'README.rdoc'
+  self.extra_rdoc_files << self.readme_file << 'ext/pk11.c'
+  spec_extras[:extensions] = 'ext/extconf.rb'
+  spec_extras[:files] = `git ls-files`.split("\n").reject{|f| f=~/^pkcs11_/ }
+  spec_extras[:files] += GENERATED_FILES
+  spec_extras[:has_rdoc] = 'yard'
+  self.rdoc_locations << "http://www.rubydoc.info/gems/roostify-pkcs11"
+end
+
+Rake::ExtensionTask.new('pkcs11_ext', hoe.spec) do |ext|
+  ext.ext_dir = 'ext'
+  ext.cross_compile = true                # enable cross compilation (requires cross compile toolchain)
+  ext.cross_platform = ['i386-mingw32', 'x64-mingw32']     # forces the Windows platform instead of the default one
+end
+
+file 'ext/extconf.rb' => ['ext/pk11_struct_def.inc', 'ext/pk11_thread_funcs.c']
+file 'ext/pk11_struct_def.inc' => 'ext/generate_structs.rb' do
+  sh "#{RbConfig::CONFIG['ruby_install_name']} ext/generate_structs.rb --def ext/pk11_struct_def.inc --impl ext/pk11_struct_impl.inc --doc ext/pk11_struct.doc ext/include/pkcs11t.h"
+end
+file 'ext/pk11_struct_impl.inc' => 'ext/pk11_struct_def.inc'
+file 'ext/pk11_struct.doc' => 'ext/pk11_struct_def.inc'
+
+file 'ext/pk11_const_def.inc' => 'ext/generate_constants.rb' do
+  sh "#{RbConfig::CONFIG['ruby_install_name']} ext/generate_constants.rb --const ext/pk11_const_def.inc ext/include/pkcs11t.h"
+end
+file 'ext/pk11.c' => ['ext/pk11_struct_def.inc', 'ext/pk11_struct_impl.inc', 'ext/pk11_struct_macros.h']
+file 'ext/pk11_const.c' => ['ext/pk11_const_def.inc', 'ext/pk11_const_macros.h']
+
+file 'ext/pk11_thread_funcs.h' => 'ext/generate_thread_funcs.rb' do
+  sh "#{RbConfig::CONFIG['ruby_install_name']} ext/generate_thread_funcs.rb --impl ext/pk11_thread_funcs.c --decl ext/pk11_thread_funcs.h ext/include/pkcs11f.h"
+end
+file 'ext/pk11_thread_funcs.c' => 'ext/pk11_thread_funcs.h'
+file 'ext/pk11.h' => 'ext/pk11_thread_funcs.h'
+
+# To reduce the gem file size strip mingw32 dlls before packaging
+ENV['RUBY_CC_VERSION'].to_s.split(':').each do |ruby_version|
+  task "tmp/x86-mingw32/stage/lib/#{ruby_version[/^\d+\.\d+/]}/pkcs11_ext.so" do |t|
+    sh "i686-w64-mingw32-strip -S tmp/x86-mingw32/stage/lib/#{ruby_version[/^\d+\.\d+/]}/pkcs11_ext.so"
+  end
+
+  task "tmp/x64-mingw32/stage/lib/#{ruby_version[/^\d+\.\d+/]}/pkcs11_ext.so" do |t|
+    sh "x86_64-w64-mingw32-strip -S tmp/x64-mingw32/stage/lib/#{ruby_version[/^\d+\.\d+/]}/pkcs11_ext.so"
+  end
+end
+
+desc "Build windows binary gems per rake-compiler-dock."
+task "gem:windows" do
+  require "rake_compiler_dock"
+  RakeCompilerDock.sh <<-EOT
+    rake cross native gem MAKE='nice make -j`nproc`'
+  EOT
+end
+
+task :docs_of_vendor_extensions do
+  Dir['pkcs11_luna', 'pkcs11_protect_server'].each do |dir|
+    chdir(dir) do
+      sh "rake doc_files"
+    end
+  end
+end
+
+desc "Generate static HTML documentation with YARD"
+task :yardoc=>['ext/pk11_struct.doc', :docs_of_vendor_extensions] do
+  luna_docs = "pkcs11_luna/lib/**/*.rb pkcs11_luna/ext/*.c pkcs11_luna/ext/*.doc"
+  sh "yardoc --title \"PKCS#11/Ruby Interface\" --no-private lib/**/*.rb ext/*.c ext/*.doc pkcs11_protect_server/lib/**/*.rb pkcs11_protect_server/ext/*.c pkcs11_protect_server/ext/*.doc #{luna_docs} - pkcs11_protect_server/README_PROTECT_SERVER.rdoc pkcs11_luna/README_LUNA.rdoc"
+end
+
+desc "Publish YARD to wherever you want."
+task :publish_yard => [:yardoc] do
+  rdoc_locations = hoe.rdoc_locations
+  warn "no rdoc_location values" if rdoc_locations.empty?
+  rdoc_locations.each do |dest|
+    sh %{rsync -av --delete doc/ #{dest}}
+  end
+end
+
+# RDoc-upload task for github (currently on rubyforge)
+#
+# require 'grancher/task'
+# Grancher::Task.new do |g|
+#   g.branch = 'gh-pages'         # alternatively, g.refspec = 'ghpages:/refs/heads/ghpages'
+#   g.push_to = 'origin'
+#   g.directory 'doc'
+# end
+
+# vim: syntax=ruby