RubyGems - tem_ruby - Versions diffs - 0.10.0 → 0.10.1 - Mend

tem_ruby 0.10.0 → 0.10.1

Files changed (25) hide show

data/CHANGELOG +2 -0
data/Manifest +11 -6
data/lib/tem/{buffers.rb → apdus/buffers.rb} +6 -1
data/lib/tem/{keys.rb → apdus/keys.rb} +9 -4
data/lib/tem/{lifecycle.rb → apdus/lifecycle.rb} +6 -1
data/lib/tem/{tag.rb → apdus/tag.rb} +6 -1
data/lib/tem/builders/abi.rb +482 -0
data/lib/tem/builders/crypto.rb +115 -0
data/lib/tem/definitions/abi.rb +67 -0
data/lib/tem/ecert.rb +1 -1
data/lib/tem/keys/asymmetric.rb +116 -0
data/lib/tem/keys/key.rb +48 -0
data/lib/tem/keys/symmetric.rb +47 -0
data/lib/tem/sec_assembler.rb +1 -2
data/lib/tem/secpack.rb +5 -4
data/lib/tem/tem.rb +5 -5
data/lib/tem/toolkit.rb +2 -1
data/lib/tem_ruby.rb +14 -6
data/tem_ruby.gemspec +7 -11
data/test/builders/test_abi_builder.rb +298 -0
data/test/test_driver.rb +4 -4
data/test/test_tem.rb +4 -3
metadata +28 -26
data/lib/tem/abi.rb +0 -55
data/lib/tem/crypto_abi.rb +0 -264

data/lib/tem/builders/crypto.rb ADDED Viewed

@@ -0,0 +1,115 @@
+require 'openssl'
+# :nodoc: namespace
+module Tem::Builders
+# Builder class and namespace for the cryptography builder.
+class Crypto < Abi
+  # Creates a builder targeting a module / class.
+  #
+  # The given parameter should be a class or module
+  def self.define_crypto(class_or_module)  # :yields: crypto
+    yield new(class_or_module)
+  end
+  # Defines the methods for handling an asymmetric (public/private) key.
+  #
+  # ssl_class should be a class in OpenSSL::PKey. privkey_abi_type and
+  # pubkey_abi_type should be ABI types similar to those produced by
+  # packed_variable_length_numbers.
+  #
+  # The following methods are defined for a type named 'name':
+  #   * read_private_name(array, offset) -> key
+  #   * to_private_name(key) -> array
+  #   * private_name_class -> Class
+  #   * read_public_name(array, offset) -> key
+  #   * to_public_name(key) -> array
+  #   * public_name_class -> Class
+  def asymmetric_key(name, ssl_class, privkey_abi_type, pubkey_abi_type,
+                     hooks = {})
+    object_wrapper "private_#{name}", ssl_class, [privkey_abi_type, nil],
+                   :read => hooks[:read_private] || hooks[:read],
+                   :to => hooks[:to_private] || hooks[:to],
+                   :new => hooks[:new_private] || hooks[:new] ||
+                           lambda { |k| ssl_class.new }
+    object_wrapper "public_#{name}", ssl_class, [pubkey_abi_type, nil],
+                   :read => hooks[:read_public] || hooks[:read],
+                   :to => hooks[:to_public] || hooks[:to],
+                   :new => hooks[:new_private] || hooks[:new] ||
+                           lambda { |k| ssl_class.new }
+  end
+  # Defines the methods for a symmetric key.
+  #
+  # cipher_class should be a class in OpenSSL::Cipher. key_abi_type should be
+  # an ABI type similar to that produced by fixed_string.
+  #
+  # The following methods are defined for a type named 'name':
+  #   * read_name(array, offset) -> object
+  #   * to_name(object) -> array
+  #   * name_class -> Class
+  def symmetric_key(name, cipher_class, cipher_name, key_abi_type, hooks = {})
+    object_wrapper name, cipher_class, [key_abi_type, :key],
+        :new => lambda { |klass|
+      k = klass.new cipher_name
+      unless k.respond_to? :key
+        # Some ciphers don't give back the key that they receive.
+        # We need to synthesize that.
+        class << k
+          def key=(new_key)
+            super
+            @_key = new_key
+          end
+          def key
+            @_key
+          end
+        end
+      end
+    }
+  end
+  # Defines the methods for a cryptographic hash function.
+  #
+  # digest_class should be an object similar to the classes in the Digest
+  # name-space. Specifically, it should implement the digest method.
+  #
+  # The following methods are defined for a type named 'name':
+  #   * name(array | String) -> array
+  #   * name_length -> number
+  #   * name_digest_class -> Class
+  def crypto_hash(name, digest_class)
+    digest_length = digest_class.digest('').length
+    defines = Proc.new do
+      define_method :"#{name}" do |data|
+        data = data.pack 'C*' unless data.kind_of? String
+        digest_class.digest(data).unpack 'C*'
+      end
+      define_method(:"#{name}_digest_class") { digest_class }
+      define_method(:"#{name}_length") { digest_length }
+    end
+    @target.class_eval &defines
+    (class << @target; self; end).module_eval &defines
+  end
+end  # class Crypto
+# Implementation code for the Crypto methods.
+module Crypto::Impl
+  def self.key_from_array(array, offset, ssl_class, abi_type)
+    key = ssl_class.new
+    numbers = self.send :"read_#{abi_type}", array, offset
+    numbers.each { |k, v| key.send :"#{k}=", v }
+  end
+  def self.key_to_array(key, abi_type)
+    components = self.send :"#{abi_type}_components"
+    numbers = Hash[*(components.map { |c| [c, key.send(c.to_sym) ]}.flatten)]
+    self.send :"to_#{abi_type}", numbers
+  end
+end
+end  # namespace Tem::Builders

data/lib/tem/definitions/abi.rb ADDED Viewed

@@ -0,0 +1,67 @@
+require 'openssl'
+require 'digest/sha1'
+module Tem::Abi
+  Tem::Builders::Abi.define_abi self do |abi|
+    abi.fixed_length_number :tem_byte, 1, :signed => true, :big_endian => true
+    abi.fixed_length_number :tem_ubyte, 1, :signed => false, :big_endian => true
+    abi.fixed_length_number :tem_short, 2, :signed => true, :big_endian => true
+    abi.fixed_length_number :tem_ushort, 2, :signed => false,
+                            :big_endian => true
+    abi.fixed_length_number :tem_ps_addr, 20, :signed => false,
+                            :big_endian => true
+    abi.fixed_length_number :tem_ps_value, 20, :signed => false,
+                            :big_endian => true
+    abi.packed_variable_length_numbers :tem_privrsa_numbers, :tem_ushort,
+        [:p, :q, :dmp1, :dmq1, :iqmp], :signed => false, :big_endian => true
+    abi.packed_variable_length_numbers :tem_pubrsa_numbers, :tem_ushort,
+        [:e, :n], :signed => false, :big_endian => true
+    abi.fixed_length_string :tem_aes_key_string, 16
+  end
+  Tem::Builders::Crypto.define_crypto self do |crypto|
+    crypto.crypto_hash :tem_hash, Digest::SHA1
+    crypto.asymmetric_key :tem_rsa, Tem::Keys::Asymmetric, :tem_privrsa_numbers,
+        :tem_pubrsa_numbers, :new => lambda { |key| OpenSSL::PKey::RSA.new },
+        :to => lambda { |k| k.ssl_key },
+        :read_public => lambda { |key| Tem::Keys::Asymmetric.new key },
+        :read_private => lambda { |key|
+      # a bit of math to rebuild the public key
+      key.n = key.p * key.q
+      p1, q1 = key.p - 1, key.q - 1
+      p1q1 = p1 * q1
+      # HACK(costan): I haven't figured out how to restore d from dmp1 and
+      # dmq1, so I'm betting on the fact that e must be a small prime.
+      emp1 = key.dmp1.mod_inverse p1
+      emq1 = key.dmq1.mod_inverse q1
+      key.e = (emp1 < emq1) ? emp1 : emq1
+      key.d = key.e.mod_inverse p1q1
+      Tem::Keys::Asymmetric.new key
+    }
+    crypto.symmetric_key :tem_aes_key, Tem::Keys::Symmetric, nil,
+                         :tem_aes_key_string,
+                         :new => lambda { |k| OpenSSL::Cipher::AES.new 'ECB' },
+                         :read => lambda { |k| Tem::Keys::Symmetric.new k },
+                         :to => lambda { |k| k.ssl_key }
+    crypto.conditional_wrapper :tem_key, 1,
+        [{:tag => [0x99], :type => :tem_key,
+          :class => Tem::Keys::Symmetric },
+         {:tag => [0xAA], :type => :public_tem_rsa,
+          :class => Tem::Keys::Asymmetric,
+          :predicate => lambda { |k| k.ssl_key.kind_of?(OpenSSL::PKey::RSA) &&
+                                     k.is_public? } },
+         {:tag => [0x55], :type => :private_tem_rsa,
+          :class => Tem::Keys::Asymmetric,
+          :predicate => lambda { |k| k.ssl_key.kind_of?(OpenSSL::PKey::RSA) } }]
+  end
+  # For convenience, include the Abi methods in Tem::Session's namespace.
+  def self.included(klass)
+    klass.extend Tem::Abi
+  end
+end  # module Tem::Abi

data/lib/tem/ecert.rb CHANGED Viewed

@@ -18,7 +18,7 @@ module Tem::ECert
   # retrieves the TEM's Public Endorsement Key
   def pubek
-    new_key_from_ssl endorsement_cert.public_key, true
+    Tem::Key.new_from_ssl_key endorsement_cert.public_key
   end
   # emits a TEM

data/lib/tem/keys/asymmetric.rb ADDED Viewed

@@ -0,0 +1,116 @@
+# :nodoc: namespace
+module Tem::Keys
+# Wraps a TEM asymmetric key, e.g. an RSA key.
+class Asymmetric < Tem::Key
+  def self.new_from_array(array)
+    self.new(OpenSSL::PKey::RSA.new(array[0]), *array[1..-1])
+  end
+  def self.new_from_yaml_str(yaml_str)
+    array = YAML.load yaml_str
+    new_from_array array
+  end
+  def to_array
+    [@ssl_key.to_pem, @padding_type]
+  end
+  def to_yaml_str
+    self.to_array.to_yaml.to_s
+  end
+  # Generate a pair of asymmetric keys.
+  def self.generate_pair
+    ssl_key = OpenSSL::PKey::RSA.generate(2048, 65537)
+    new_pair_from_ssl_key ssl_key
+  end
+  # Creates a pair of asymmetric keys wrapping an OpenSSL private key.
+  def self.new_pair_from_ssl_key(ssl_key)
+    { :public => Tem::Keys::Asymmetric.new(ssl_key.public_key),
+      :private => Tem::Keys::Asymmetric.new(ssl_key) }
+  end
+  def initialize(ssl_key, padding_type = :pkcs1)
+    super ssl_key
+    @is_public = !ssl_key.d
+    @padding_type = padding_type
+    case padding_type
+    when :oaep
+      @padding_id = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING
+      @padding_bytes = 42
+    when :pkcs1
+      @padding_id = OpenSSL::PKey::RSA::PKCS1_PADDING
+      @padding_bytes = 11
+    else
+      raise "Unknown padding type #{padding_type}\n"
+    end
+    @size = 0
+    n = @is_public ? @ssl_key.n : (@ssl_key.p * @ssl_key.q)
+    while n != 0 do
+      @size += 1
+      n >>= 8
+    end
+  end
+  public_class_method :new
+  def is_public?
+    @is_public
+  end
+  def encrypt(data)
+    encrypt_or_decrypt data, @size - @padding_bytes,
+                       @is_public ? :public_encrypt : :private_encrypt
+  end
+  def decrypt(data)
+    encrypt_or_decrypt data, @size,
+                       @is_public ? :public_decrypt : :private_decrypt
+  end
+  def sign(data)
+    data = data.pack 'C*' if data.respond_to? :pack
+    # PKCS1-padding is forced in by openssl... sigh!
+    out_data = @ssl_key.sign OpenSSL::Digest::SHA1.new, data
+    data.respond_to?(:pack) ? out_data : out_data.unpack('C*')
+  end
+  def verify(data, signature)
+    data = data.pack 'C*' if data.respond_to? :pack
+    signature = signature.pack 'C*' if signature.respond_to? :pack
+    # PKCS1-padding is forced in by openssl... sigh!
+    @ssl_key.verify OpenSSL::Digest::SHA1.new, signature, data
+  end
+  def encrypt_or_decrypt(data, in_size,  op)
+    chug_data(data, in_size) { |block| @ssl_key.send op, block, @padding_id }
+  end
+  private :encrypt_or_decrypt
+  def chug_data(data, in_size, &chug_block)
+    output = data.class.new
+    i = 0
+    while i < data.length do
+      block_size = (data.length - i < in_size) ? data.length - i : in_size
+      if data.kind_of? String
+        block = data[i...(i+block_size)]
+      else
+        block = data[i...(i+block_size)].pack('C*')
+      end
+      o_block = yield block
+      if data.kind_of? String
+        output += o_block
+      else
+        output += o_block.unpack('C*')
+      end
+      i += block_size
+    end
+    return output
+  end
+  private :chug_data
+end
+end  # namespace Tem::Keys

data/lib/tem/keys/key.rb ADDED Viewed

@@ -0,0 +1,48 @@
+# Base class for the TEM keys.
+#
+# This class consists of stubs describing the interface implemented by
+# subclasses.
+class Tem::Key
+  # The OpenSSL key wrapped by this TEM key.
+  attr_reader :ssl_key
+  # Creates a new key based on an OpenSSL key.
+  def initialize(ssl_key)
+    @ssl_key = ssl_key
+  end
+  # This class should not be instantiated directly.
+  private_class_method :new
+  # Serializes this key to the TEM ABI format.
+  def to_tem_key
+    Tem::Abi.to_tem_key self
+  end
+  # Encrypts a block of data into a TEM-friendly format.
+  def encrypt(data)
+    raise "TEM Key class #{self.class.name} didn't implement encrypt"
+  end
+  def decrypt(data)
+    raise "TEM Key class #{self.class.name} didn't implement decrypt"
+  end
+  def sign(data)
+    raise "TEM Key class #{self.class.name} didn't implement sign"
+  end
+  def verify(data)
+    raise "TEM Key class #{self.class.name} didn't implement verify"
+  end
+  # Creates a new TEM key wrapper from a SSL key
+  def self.new_from_ssl_key(ssl_key)
+    if ssl_key.kind_of? OpenSSL::PKey::PKey
+      Tem::Keys::Asymmetric.new ssl_key
+    elsif ssl_key.kind_of? OpenSSL::Cipher::Cipher
+      Tem::Keys::Symmetric.new ssl_key
+    else
+      raise "Can't handle keys of class #{ssl_key.class}"
+    end
+  end
+end

data/lib/tem/keys/symmetric.rb ADDED Viewed

@@ -0,0 +1,47 @@
+# :nodoc: namespace
+module Tem::Keys
+# Wraps a TEM symmetric key, e.g. an AES key.
+class Symmetric < Tem::Key
+  @@cipher_mode = 'ECB'
+  # Generates a new symmetric key.
+  def self.generate
+    cipher = OpenSSL::Cipher::AES128.new @@cipher_mode
+    key = cipher.random_key
+    self.new key
+  end
+  # Creates a new symmetric key based on an OpenSSL Cipher instance, augmented
+  # with a key accessor.
+  def initialize(ssl_key)
+    super ssl_key
+    @key = ssl_key.key
+    @cipher_class = ssl_key.class
+  end
+  public_class_method :new
+  def encrypt_or_decrypt(data, do_encrypt)
+    cipher = @cipher_class.new @@cipher_mode
+    do_encrypt ? cipher.encrypt : cipher.decrypt
+    cipher.key = @key
+    cipher.iv = "\0" * 16
+  end
+  def encrypt(data)
+    cipher.encrypt_or_decrypt data, true
+  end
+  def decrypt(data)
+    cipher.encrypt_or_decrypt data, false
+  end
+  def sign(data)
+  end
+  def verify(data)
+  end
+end
+end  # namespace Tem::Keys

data/lib/tem/sec_assembler.rb CHANGED Viewed

@@ -56,7 +56,7 @@ class Tem::SecAssembler
       if @body[i].kind_of? Hash
         raise "label #{@body[i][:label]} undefined" if (!@body[i][:label].nil? and @labels[@body[i][:label]].nil?)
         addr = @body[i][:label].nil? ? @body[i][:address] : @labels[@body[i][:label]]
-        q = @body[i][:relative] ? (@tem_klass.send "to_tem_#{@body[i][:type]}_reladdr".to_sym, addr - i - @body[i][:relative]) :
+        q = @body[i][:relative] ? (@tem_klass.send "signed_to_tem_#{@body[i][:type]}".to_sym, addr - i - @body[i][:relative]) :
                                 (@tem_klass.send "to_tem_#{@body[i][:type]}".to_sym, addr)
         @body[i, q.length] = *q
       end
@@ -88,4 +88,3 @@ class Tem::SecAssembler
     @extra_bytes = extra_bytes
   end
 end

data/lib/tem/secpack.rb CHANGED Viewed

@@ -27,7 +27,7 @@ class Tem::SecPack
   def initialize(args)
     @tem_klass = args[:tem_class]
-    @@serialized_members.map { |m| self.instance_variable_set('@' + m.to_s, args[m]) }
+    @@serialized_members.map { |m| self.instance_variable_set "@#{m}", args[m] }
     @bound ||= false
   end
@@ -37,8 +37,9 @@ class Tem::SecPack
   def tem_header
     # TODO: use 0x0100 (no tracing) depending on options
-    hh = [0x0101, @signed_bytes, @encrypted_bytes, @extra_bytes, @sp, @ep].map { |n| @tem_klass.to_tem_ushort n }.flatten
-    hh += Array.new((@tem_klass.hash_for_tem [0]).length - hh.length, 0)
+    hh = [0x0101, @signed_bytes || 0, @encrypted_bytes || 0, @extra_bytes, @sp,
+          @ep].map { |n| @tem_klass.to_tem_ushort n }.flatten
+    hh += Array.new((@tem_klass.tem_hash [0]).length - hh.length, 0)
     return hh
   end
@@ -49,7 +50,7 @@ class Tem::SecPack
     @signed_bytes = encrypt_from
     @encrypted_bytes = plaintext_from - encrypt_from
-    secpack_sig = @tem_klass.hash_for_tem [tem_header, @body[0...plaintext_from]].flatten
+    secpack_sig = @tem_klass.tem_hash [tem_header, @body[0...plaintext_from]].flatten
     crypt = public_key.encrypt [@body[encrypt_from...plaintext_from], secpack_sig].flatten
     @body = [@body[0...encrypt_from], crypt, @body[plaintext_from..-1]].flatten

data/lib/tem/tem.rb CHANGED Viewed

@@ -1,13 +1,13 @@
 class Tem::Session
   include Tem::Abi
-  include Tem::Buffers
+  include Tem::Apdus::Buffers
+  include Tem::Apdus::Keys
+  include Tem::Apdus::Lifecycle
+  include Tem::Apdus::Tag
   include Tem::CA
-  include Tem::CryptoAbi
   include Tem::ECert
-  include Tem::Keys
-  include Tem::Lifecycle
   include Tem::SeClosures
-  include Tem::Tag
   include Tem::Toolkit
   CAPPLET_AID = [0x19, 0x83, 0x12, 0x29, 0x10, 0xBA, 0xBE]

data/lib/tem/toolkit.rb CHANGED Viewed

@@ -34,7 +34,8 @@ module Tem::Toolkit
     kp_buffer = execute gen_sec
     keys_offset = authz.nil? ? 20 : 0
-    k1id, k2id = read_tem_ushort(kp_buffer, keys_offset), read_tem_ushort(kp_buffer, keys_offset + 2)
+    k1id = read_tem_ushort kp_buffer, keys_offset
+    k2id = read_tem_ushort kp_buffer, keys_offset + 2
     if type == :asymmetric
       return_val = { :pubk_id => k1id, :privk_id => k2id }
     else

data/lib/tem_ruby.rb CHANGED Viewed

@@ -18,20 +18,28 @@ require 'tem/transport/jcop_remote_transport.rb'
 require 'tem/transport/jcop_remote_server.rb'
 require 'tem/transport/auto_configurator.rb'
-require 'tem/abi.rb'
+require 'tem/keys/key.rb'
+require 'tem/keys/asymmetric.rb'
+require 'tem/keys/symmetric.rb'
+require 'tem/builders/abi.rb'
+require 'tem/builders/crypto.rb'
+require 'tem/definitions/abi.rb'
 require 'tem/auto_conf.rb'
-require 'tem/buffers.rb'
+require 'tem/apdus/buffers.rb'
+require 'tem/apdus/keys.rb'
+require 'tem/apdus/lifecycle.rb'
+require 'tem/apdus/tag.rb'
 require 'tem/ca.rb'
-require 'tem/crypto_abi.rb'
 require 'tem/ecert.rb'
 require 'tem/hive.rb'
-require 'tem/keys.rb'
-require 'tem/lifecycle.rb'
 require 'tem/sec_assembler.rb'
 require 'tem/sec_opcodes.rb'
 require 'tem/sec_exec_error.rb'
 require 'tem/seclosures.rb'
 require 'tem/secpack.rb'
-require 'tem/tag.rb'
 require 'tem/toolkit.rb'
 require 'tem/tem.rb'

data/tem_ruby.gemspec CHANGED Viewed

@@ -2,38 +2,34 @@
 Gem::Specification.new do |s|
   s.name = %q{tem_ruby}
-  s.version = "0.10.0"
+  s.version = "0.10.1"
   s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
   s.authors = ["Victor Costan"]
-  s.date = %q{2009-04-08}
+  s.date = %q{2009-05-26}
   s.description = %q{TEM (Trusted Execution Module) driver, written in and for ruby.}
   s.email = %q{victor@costan.us}
   s.executables = ["tem_bench", "tem_ca", "tem_irb", "tem_proxy", "tem_stat"]
-  s.extra_rdoc_files = ["bin/tem_bench", "bin/tem_ca", "bin/tem_irb", "bin/tem_proxy", "bin/tem_stat", "CHANGELOG", "lib/tem/_cert.rb", "lib/tem/abi.rb", "lib/tem/auto_conf.rb", "lib/tem/buffers.rb", "lib/tem/ca.rb", "lib/tem/crypto_abi.rb", "lib/tem/ecert.rb", "lib/tem/hive.rb", "lib/tem/keys.rb", "lib/tem/lifecycle.rb", "lib/tem/sec_assembler.rb", "lib/tem/sec_exec_error.rb", "lib/tem/sec_opcodes.rb", "lib/tem/seclosures.rb", "lib/tem/secpack.rb", "lib/tem/tag.rb", "lib/tem/tem.rb", "lib/tem/toolkit.rb", "lib/tem/transport/auto_configurator.rb", "lib/tem/transport/java_card_mixin.rb", "lib/tem/transport/jcop_remote_protocol.rb", "lib/tem/transport/jcop_remote_server.rb", "lib/tem/transport/jcop_remote_transport.rb", "lib/tem/transport/pcsc_transport.rb", "lib/tem/transport/transport.rb", "lib/tem_ruby.rb", "LICENSE", "README"]
-  s.files = ["bin/tem_bench", "bin/tem_ca", "bin/tem_irb", "bin/tem_proxy", "bin/tem_stat", "CHANGELOG", "dev_ca/ca_cert.cer", "dev_ca/ca_cert.pem", "dev_ca/ca_key.pem", "dev_ca/config.yml", "lib/tem/_cert.rb", "lib/tem/abi.rb", "lib/tem/auto_conf.rb", "lib/tem/buffers.rb", "lib/tem/ca.rb", "lib/tem/crypto_abi.rb", "lib/tem/ecert.rb", "lib/tem/hive.rb", "lib/tem/keys.rb", "lib/tem/lifecycle.rb", "lib/tem/sec_assembler.rb", "lib/tem/sec_exec_error.rb", "lib/tem/sec_opcodes.rb", "lib/tem/seclosures.rb", "lib/tem/secpack.rb", "lib/tem/tag.rb", "lib/tem/tem.rb", "lib/tem/toolkit.rb", "lib/tem/transport/auto_configurator.rb", "lib/tem/transport/java_card_mixin.rb", "lib/tem/transport/jcop_remote_protocol.rb", "lib/tem/transport/jcop_remote_server.rb", "lib/tem/transport/jcop_remote_transport.rb", "lib/tem/transport/pcsc_transport.rb", "lib/tem/transport/transport.rb", "lib/tem_ruby.rb", "LICENSE", "Manifest", "Rakefile", "README", "test/_test_cert.rb", "test/tem_test_case.rb", "test/test_driver.rb", "test/test_exceptions.rb", "test/test_tem.rb", "test/transport/test_auto_configurator.rb", "test/transport/test_java_card_mixin.rb", "test/transport/test_jcop_remote.rb", "timings/blank_bound_secpack.rb", "timings/blank_sec.rb", "timings/devchip_decrypt.rb", "timings/post_buffer.rb", "timings/simple_apdu.rb", "timings/timings.rb", "timings/vm_perf.rb", "timings/vm_perf_bound.rb", "tem_ruby.gemspec"]
-  s.has_rdoc = true
+  s.extra_rdoc_files = ["bin/tem_bench", "bin/tem_ca", "bin/tem_irb", "bin/tem_proxy", "bin/tem_stat", "CHANGELOG", "lib/tem/_cert.rb", "lib/tem/apdus/buffers.rb", "lib/tem/apdus/keys.rb", "lib/tem/apdus/lifecycle.rb", "lib/tem/apdus/tag.rb", "lib/tem/auto_conf.rb", "lib/tem/builders/abi.rb", "lib/tem/builders/crypto.rb", "lib/tem/ca.rb", "lib/tem/definitions/abi.rb", "lib/tem/ecert.rb", "lib/tem/hive.rb", "lib/tem/keys/asymmetric.rb", "lib/tem/keys/key.rb", "lib/tem/keys/symmetric.rb", "lib/tem/sec_assembler.rb", "lib/tem/sec_exec_error.rb", "lib/tem/sec_opcodes.rb", "lib/tem/seclosures.rb", "lib/tem/secpack.rb", "lib/tem/tem.rb", "lib/tem/toolkit.rb", "lib/tem/transport/auto_configurator.rb", "lib/tem/transport/java_card_mixin.rb", "lib/tem/transport/jcop_remote_protocol.rb", "lib/tem/transport/jcop_remote_server.rb", "lib/tem/transport/jcop_remote_transport.rb", "lib/tem/transport/pcsc_transport.rb", "lib/tem/transport/transport.rb", "lib/tem_ruby.rb", "LICENSE", "README"]
+  s.files = ["bin/tem_bench", "bin/tem_ca", "bin/tem_irb", "bin/tem_proxy", "bin/tem_stat", "CHANGELOG", "dev_ca/ca_cert.cer", "dev_ca/ca_cert.pem", "dev_ca/ca_key.pem", "dev_ca/config.yml", "lib/tem/_cert.rb", "lib/tem/apdus/buffers.rb", "lib/tem/apdus/keys.rb", "lib/tem/apdus/lifecycle.rb", "lib/tem/apdus/tag.rb", "lib/tem/auto_conf.rb", "lib/tem/builders/abi.rb", "lib/tem/builders/crypto.rb", "lib/tem/ca.rb", "lib/tem/definitions/abi.rb", "lib/tem/ecert.rb", "lib/tem/hive.rb", "lib/tem/keys/asymmetric.rb", "lib/tem/keys/key.rb", "lib/tem/keys/symmetric.rb", "lib/tem/sec_assembler.rb", "lib/tem/sec_exec_error.rb", "lib/tem/sec_opcodes.rb", "lib/tem/seclosures.rb", "lib/tem/secpack.rb", "lib/tem/tem.rb", "lib/tem/toolkit.rb", "lib/tem/transport/auto_configurator.rb", "lib/tem/transport/java_card_mixin.rb", "lib/tem/transport/jcop_remote_protocol.rb", "lib/tem/transport/jcop_remote_server.rb", "lib/tem/transport/jcop_remote_transport.rb", "lib/tem/transport/pcsc_transport.rb", "lib/tem/transport/transport.rb", "lib/tem_ruby.rb", "LICENSE", "Manifest", "Rakefile", "README", "test/_test_cert.rb", "test/builders/test_abi_builder.rb", "test/tem_test_case.rb", "test/test_driver.rb", "test/test_exceptions.rb", "test/test_tem.rb", "test/transport/test_auto_configurator.rb", "test/transport/test_java_card_mixin.rb", "test/transport/test_jcop_remote.rb", "timings/blank_bound_secpack.rb", "timings/blank_sec.rb", "timings/devchip_decrypt.rb", "timings/post_buffer.rb", "timings/simple_apdu.rb", "timings/timings.rb", "timings/vm_perf.rb", "timings/vm_perf_bound.rb", "tem_ruby.gemspec"]
   s.homepage = %q{http://tem.rubyforge.org}
   s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Tem_ruby", "--main", "README"]
   s.require_paths = ["lib"]
   s.rubyforge_project = %q{tem}
-  s.rubygems_version = %q{1.3.1}
+  s.rubygems_version = %q{1.3.3}
   s.summary = %q{TEM (Trusted Execution Module) driver, written in and for ruby.}
-  s.test_files = ["test/test_driver.rb", "test/test_exceptions.rb", "test/test_tem.rb", "test/transport/test_auto_configurator.rb", "test/transport/test_java_card_mixin.rb", "test/transport/test_jcop_remote.rb"]
+  s.test_files = ["test/builders/test_abi_builder.rb", "test/test_driver.rb", "test/test_exceptions.rb", "test/test_tem.rb", "test/transport/test_auto_configurator.rb", "test/transport/test_java_card_mixin.rb", "test/transport/test_jcop_remote.rb"]
   if s.respond_to? :specification_version then
     current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
-    s.specification_version = 2
+    s.specification_version = 3
     if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
       s.add_runtime_dependency(%q<smartcard>, [">= 0.3.0"])
-      s.add_development_dependency(%q<echoe>, [">= 0"])
     else
       s.add_dependency(%q<smartcard>, [">= 0.3.0"])
-      s.add_dependency(%q<echoe>, [">= 0"])
     end
   else
     s.add_dependency(%q<smartcard>, [">= 0.3.0"])
-    s.add_dependency(%q<echoe>, [">= 0"])
   end
 end