tem_ruby 0.9.2 → 0.10.0

data/lib/tem/transport/pcsc_transport.rb

@@ -0,0 +1,87 @@
+require 'rubygems'
+require 'smartcard'
+
+# :nodoc: namespace
+module Tem::Transport
+  
+class PcscTransport
+  include JavaCardMixin
+  PCSC = Smartcard::PCSC
+  
+  def initialize(options)
+    @options = options
+    @context = nil
+    @card = nil
+  end
+
+  def exchange_apdu(apdu)
+    xmit_apdu_string = apdu.pack('C*')
+    result_string = @card.transmit xmit_apdu_string, @xmit_ioreq, @recv_ioreq
+    return result_string.unpack('C*')
+  end
+  
+  def connect
+    @context = PCSC::Context.new(PCSC::SCOPE_SYSTEM) if @context.nil?
+    
+    if @options[:reader_name]
+      @reader_name = reader_name
+    else
+      # get the first reader      
+      readers = @context.list_readers nil
+      @reader_name = readers[@options[:reader_index] || 0]
+    end
+    
+    # get the reader's status
+    reader_states = PCSC::ReaderStates.new(1)
+    reader_states.set_reader_name_of!(0, @reader_name)
+    reader_states.set_current_state_of!(0, PCSC::STATE_UNKNOWN)
+    @context.get_status_change reader_states, 100
+    reader_states.acknowledge_events!
+    
+    # prompt for card insertion unless that already happened
+    if (reader_states.current_state_of(0) & PCSC::STATE_PRESENT) == 0
+      puts "Please insert TEM card in reader #{@reader_name}\n"
+      while (reader_states.current_state_of(0) & PCSC::STATE_PRESENT) == 0 do
+        @context.get_status_change reader_states, PCSC::INFINITE_TIMEOUT
+        reader_states.acknowledge_events!
+      end
+      puts "Card detected\n"
+    end
+    
+    # connect to card
+    @card = PCSC::Card.new @context, @reader_name, PCSC::SHARE_EXCLUSIVE,
+                           PCSC::PROTOCOL_ANY
+    
+    # build the transmit / receive IoRequests
+    status = @card.status
+    @xmit_ioreq = @@xmit_iorequest[status[:protocol]]
+    if RUBY_PLATFORM =~ /win/ and (not RUBY_PLATFORM =~ /darwin/)
+      @recv_ioreq = nil
+    else
+      @recv_ioreq = PCSC::IoRequest.new
+    end
+  end
+  
+  def disconnect
+    unless @card.nil?
+      @card.disconnect PCSC::DISPOSITION_LEAVE
+      @card = nil
+    end
+    unless @context.nil?
+      @context.release
+      @context = nil
+    end
+  end  
+
+  def to_s
+    "#<PC/SC Terminal: disconnected>" if @card.nil?
+    "#<PC/SC Terminal: #{@reader_name}>"
+  end
+  
+  @@xmit_iorequest = {
+    Smartcard::PCSC::PROTOCOL_T0 => Smartcard::PCSC::IOREQUEST_T0,
+    Smartcard::PCSC::PROTOCOL_T1 => Smartcard::PCSC::IOREQUEST_T1,
+  }
+end  # class PcscTransport
+
+end  # module Tem::Transport

data/lib/tem/transport/transport.rb

@@ -0,0 +1,10 @@
+# The transport module contains classes responsible for transferring low-level
+# commands issed by the high-level TEM methods to actual TEMs, which can be
+# connected to the system in various ways.  
+module Tem::Transport
+
+  # Shortcut for Tem::Transport::AutoConfigurator#auto_transport
+  def self.auto_transport
+    Tem::Transport::AutoConfigurator.auto_transport
+  end
+end

data/lib/tem_ruby.rb

@@ -1,17 +1,25 @@
 # gems
+require 'rubygems'
 require 'smartcard'
 
+# :nodoc:
 module Tem
 end
 
-module Tem::SCard
+# :nodoc:
+module Tem::Transport
 end
 
-require 'scard/pcsc_terminal.rb'
-require 'scard/jcop_remote_terminal.rb'
-require 'scard/java_card.rb'
+require 'tem/transport/transport.rb'
+require 'tem/transport/java_card_mixin.rb'
+require 'tem/transport/pcsc_transport.rb'
+require 'tem/transport/jcop_remote_protocol.rb'
+require 'tem/transport/jcop_remote_transport.rb'
+require 'tem/transport/jcop_remote_server.rb'
+require 'tem/transport/auto_configurator.rb'
 
 require 'tem/abi.rb'
+require 'tem/auto_conf.rb'
 require 'tem/buffers.rb'
 require 'tem/ca.rb'
 require 'tem/crypto_abi.rb'

data/tem_ruby.gemspec

@@ -1,55 +1,39 @@
-
-# Gem::Specification for Tem_ruby-0.9.2
-# Originally generated by Echoe
+# -*- encoding: utf-8 -*-
 
 Gem::Specification.new do |s|
   s.name = %q{tem_ruby}
-  s.version = "0.9.2"
-
-  s.specification_version = 2 if s.respond_to? :specification_version=
+  s.version = "0.10.0"
 
-  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
   s.authors = ["Victor Costan"]
-  s.date = %q{2008-06-13}
+  s.date = %q{2009-04-08}
   s.description = %q{TEM (Trusted Execution Module) driver, written in and for ruby.}
   s.email = %q{victor@costan.us}
-  s.executables = ["tem_stat", "tem_ca", "tem_irb", "tem_bench"]
-  s.extra_rdoc_files = ["bin/tem_stat", "bin/tem_ca", "bin/tem_irb", "bin/tem_bench", "LICENSE", "lib/scard/java_card.rb", "lib/scard/jcop_remote_terminal.rb", "lib/scard/pcsc_terminal.rb", "lib/tem_ruby.rb", "lib/tem/tag.rb", "lib/tem/keys.rb", "lib/tem/sec_opcodes.rb", "lib/tem/_cert.rb", "lib/tem/buffers.rb", "lib/tem/toolkit.rb", "lib/tem/tem.rb", "lib/tem/abi.rb", "lib/tem/crypto_abi.rb", "lib/tem/ca.rb", "lib/tem/secpack.rb", "lib/tem/sec_exec_error.rb", "lib/tem/sec_assembler.rb", "lib/tem/lifecycle.rb", "lib/tem/ecert.rb", "lib/tem/hive.rb", "lib/tem/seclosures.rb", "README", "CHANGELOG"]
+  s.executables = ["tem_bench", "tem_ca", "tem_irb", "tem_proxy", "tem_stat"]
+  s.extra_rdoc_files = ["bin/tem_bench", "bin/tem_ca", "bin/tem_irb", "bin/tem_proxy", "bin/tem_stat", "CHANGELOG", "lib/tem/_cert.rb", "lib/tem/abi.rb", "lib/tem/auto_conf.rb", "lib/tem/buffers.rb", "lib/tem/ca.rb", "lib/tem/crypto_abi.rb", "lib/tem/ecert.rb", "lib/tem/hive.rb", "lib/tem/keys.rb", "lib/tem/lifecycle.rb", "lib/tem/sec_assembler.rb", "lib/tem/sec_exec_error.rb", "lib/tem/sec_opcodes.rb", "lib/tem/seclosures.rb", "lib/tem/secpack.rb", "lib/tem/tag.rb", "lib/tem/tem.rb", "lib/tem/toolkit.rb", "lib/tem/transport/auto_configurator.rb", "lib/tem/transport/java_card_mixin.rb", "lib/tem/transport/jcop_remote_protocol.rb", "lib/tem/transport/jcop_remote_server.rb", "lib/tem/transport/jcop_remote_transport.rb", "lib/tem/transport/pcsc_transport.rb", "lib/tem/transport/transport.rb", "lib/tem_ruby.rb", "LICENSE", "README"]
+  s.files = ["bin/tem_bench", "bin/tem_ca", "bin/tem_irb", "bin/tem_proxy", "bin/tem_stat", "CHANGELOG", "dev_ca/ca_cert.cer", "dev_ca/ca_cert.pem", "dev_ca/ca_key.pem", "dev_ca/config.yml", "lib/tem/_cert.rb", "lib/tem/abi.rb", "lib/tem/auto_conf.rb", "lib/tem/buffers.rb", "lib/tem/ca.rb", "lib/tem/crypto_abi.rb", "lib/tem/ecert.rb", "lib/tem/hive.rb", "lib/tem/keys.rb", "lib/tem/lifecycle.rb", "lib/tem/sec_assembler.rb", "lib/tem/sec_exec_error.rb", "lib/tem/sec_opcodes.rb", "lib/tem/seclosures.rb", "lib/tem/secpack.rb", "lib/tem/tag.rb", "lib/tem/tem.rb", "lib/tem/toolkit.rb", "lib/tem/transport/auto_configurator.rb", "lib/tem/transport/java_card_mixin.rb", "lib/tem/transport/jcop_remote_protocol.rb", "lib/tem/transport/jcop_remote_server.rb", "lib/tem/transport/jcop_remote_transport.rb", "lib/tem/transport/pcsc_transport.rb", "lib/tem/transport/transport.rb", "lib/tem_ruby.rb", "LICENSE", "Manifest", "Rakefile", "README", "test/_test_cert.rb", "test/tem_test_case.rb", "test/test_driver.rb", "test/test_exceptions.rb", "test/test_tem.rb", "test/transport/test_auto_configurator.rb", "test/transport/test_java_card_mixin.rb", "test/transport/test_jcop_remote.rb", "timings/blank_bound_secpack.rb", "timings/blank_sec.rb", "timings/devchip_decrypt.rb", "timings/post_buffer.rb", "timings/simple_apdu.rb", "timings/timings.rb", "timings/vm_perf.rb", "timings/vm_perf_bound.rb", "tem_ruby.gemspec"]
   s.has_rdoc = true
   s.homepage = %q{http://tem.rubyforge.org}
   s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Tem_ruby", "--main", "README"]
   s.require_paths = ["lib"]
   s.rubyforge_project = %q{tem}
-  s.rubygems_version = %q{1.1.1}
+  s.rubygems_version = %q{1.3.1}
   s.summary = %q{TEM (Trusted Execution Module) driver, written in and for ruby.}
-  s.test_files = ["test/test_driver.rb", "test/test_tem.rb", "test/test_exceptions.rb"]
+  s.test_files = ["test/test_driver.rb", "test/test_exceptions.rb", "test/test_tem.rb", "test/transport/test_auto_configurator.rb", "test/transport/test_java_card_mixin.rb", "test/transport/test_jcop_remote.rb"]
 
-  s.add_dependency(%q<smartcard>, [">= 0.3.0"])
-end
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 2
 
-
-# # Original Rakefile source (requires the Echoe gem):
-# 
-# require 'rubygems'
-# gem 'echoe'
-# require 'echoe'
-# 
-# Echoe.new('tem_ruby') do |p|
-#   p.project = 'tem' # rubyforge project
-#   p.docs_host = "costan@rubyforge.org:/var/www/gforge-projects/tem/rdoc/"
-#   
-#   p.author = 'Victor Costan'
-#   p.email = 'victor@costan.us'
-#   p.summary = 'TEM (Trusted Execution Module) driver, written in and for ruby.'
-#   p.url = 'http://tem.rubyforge.org'
-#   p.dependencies = ['smartcard >=0.3.0']
-#   
-#   p.need_tar_gz = true
-#   p.need_zip = true
-#   p.rdoc_pattern = /^(lib|bin|tasks|ext)|^BUILD|^README|^CHANGELOG|^TODO|^LICENSE|^COPYING$/  
-# end
-# 
-# if $0 == __FILE__
-#   Rake.application = Rake::Application.new
-#   Rake.application.run
-# end
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<smartcard>, [">= 0.3.0"])
+      s.add_development_dependency(%q<echoe>, [">= 0"])
+    else
+      s.add_dependency(%q<smartcard>, [">= 0.3.0"])
+      s.add_dependency(%q<echoe>, [">= 0"])
+    end
+  else
+    s.add_dependency(%q<smartcard>, [">= 0.3.0"])
+    s.add_dependency(%q<echoe>, [">= 0"])
+  end
+end

data/test/_test_cert.rb

@@ -26,23 +26,14 @@ require 'openssl'
 
 class CertTest < Test::Unit::TestCase
   def setup
-    @terminal = Tem::SCard::JCOPRemoteTerminal.new
-    unless @terminal.connect
-      @terminal.disconnect
-      @terminal = Tem::SCard::PCSCTerminal.new
-      @terminal.connect
-    end
-    @javacard = Tem::SCard::JavaCard.new(@terminal)
-    @tem = Tem::Session.new(@javacard)
+    @tem = Tem.auto_tem
     
     @tem.kill
     @tem.activate
-    
-    
   end
   
   def teardown
-    @terminal.disconnect unless @terminal.nil?
+    @tem.disconnect unless @tem.nil?
   end
   
   def test_cert
@@ -75,7 +66,5 @@ class CertTest < Test::Unit::TestCase
     #The only way to set the signature is to sign the certificate, and only the issuer (manufacturer) can do this.
     #This means that the manufacturer has to be contacted every time the user wants to verify the TEM's certificate,
     #and this may not be practical.
-    
-    
   end  
 end

data/test/tem_test_case.rb

@@ -0,0 +1,26 @@
+require 'test/unit'
+
+require 'tem_ruby'
+
+# Helper methods for TEM tests.
+#
+# This module implements setup and teardown methods that provide an initialized
+# @tem instance variable holding a Tem::Session. Just the right thing for
+# testing :) 
+class TemTestCase < Test::Unit::TestCase
+  def setup
+    @tem = Tem.auto_tem
+    
+    @tem.kill
+    @tem.activate
+  end
+  
+  def teardown
+    @tem.disconnect unless @tem.nil?
+  end
+  
+  def test_smoke
+    # All the required files have been parsed successfully.
+    assert true
+  end
+end

data/test/test_driver.rb

@@ -1,25 +1,6 @@
-require 'tem_ruby'
-require 'test/unit'
+require 'test/tem_test_case'
 
-class DriverTest < Test::Unit::TestCase
-  def setup
-    @terminal = Tem::SCard::JCOPRemoteTerminal.new
-    unless @terminal.connect
-      @terminal.disconnect
-      @terminal = Tem::SCard::PCSCTerminal.new
-      @terminal.connect
-    end
-    @javacard = Tem::SCard::JavaCard.new(@terminal)
-    @tem = Tem::Session.new(@javacard)
-    
-    @tem.kill
-    @tem.activate
-  end
-  
-  def teardown
-    @terminal.disconnect unless @terminal.nil?
-  end
-  
+class DriverTest < TemTestCase
   def test_buffers_io
     garbage = (1...569).map { |i| (i * i * 217 + i * 661 + 393) % 256 }
     
@@ -73,7 +54,7 @@ class DriverTest < Test::Unit::TestCase
     assert fwver[:major].kind_of?(Numeric) && fwver[:minor].kind_of?(Numeric), 'error in tag-backed firmware version'
   end
 
-  def test_crypto    
+  def test_crypto
     garbage = (1...415).map { |i| (i * i * 217 + i * 661 + 393) % 256 } 
     key_pair = @tem.devchip_generate_key_pair
     pubkey = @tem.devchip_save_key key_pair[:pubkey_id]

data/test/test_exceptions.rb

@@ -1,25 +1,6 @@
-require 'tem_ruby'
-require 'test/unit'
+require 'test/tem_test_case'
 
-class ExceptionsTest < Test::Unit::TestCase
-  def setup
-    @terminal = Tem::SCard::JCOPRemoteTerminal.new
-    unless @terminal.connect
-      @terminal.disconnect
-      @terminal = Tem::SCard::PCSCTerminal.new
-      @terminal.connect
-    end
-    @javacard = Tem::SCard::JavaCard.new(@terminal)
-    @tem = Tem::Session.new(@javacard)
-    
-    @tem.kill
-    @tem.activate
-  end
-  
-  def teardown
-    @terminal.disconnect unless @terminal.nil?
-  end
-  
+class ExceptionsTest < TemTestCase
   def test_trace
     # test the exception handling mechanism
     bad_sec = @tem.assemble { |s|
@@ -52,4 +33,4 @@ class ExceptionsTest < Test::Unit::TestCase
     end
     assert caught, "Executing a bad SECpack did not raise a SecExecError"
   end  
-end
+end

data/test/test_tem.rb

@@ -1,25 +1,6 @@
-require 'tem_ruby'
-require 'test/unit'
+require 'test/tem_test_case'
 
-class TemTest < Test::Unit::TestCase
-  def setup
-    @terminal = Tem::SCard::JCOPRemoteTerminal.new
-    unless @terminal.connect
-      @terminal.disconnect
-      @terminal = Tem::SCard::PCSCTerminal.new
-      @terminal.connect
-    end
-    @javacard = Tem::SCard::JavaCard.new(@terminal)
-    @tem = Tem::Session.new(@javacard)
-    
-    @tem.kill
-    @tem.activate
-  end
-  
-  def teardown
-    @terminal.disconnect unless @terminal.nil?
-  end
-  
+class TemTest < TemTestCase
   def test_alu
     sec = @tem.assemble { |s|
       s.ldbc 10

data/test/transport/test_auto_configurator.rb

@@ -0,0 +1,114 @@
+require 'test/unit'
+
+require 'rubygems'
+require 'flexmock/test_unit'
+
+require 'tem_ruby'
+
+class AutoConfiguratorTest < Test::Unit::TestCase
+  AutoConfigurator = Tem::Transport::AutoConfigurator
+  PcscTransport = Tem::Transport::PcscTransport
+  JcopRemoteTransport = Tem::Transport::JcopRemoteTransport
+    
+  def setup
+    @env_var = AutoConfigurator::ENVIRONMENT_VARIABLE_NAME 
+  end
+
+  def test_env_configuration_blank
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return(nil)
+    assert_equal nil, AutoConfigurator.env_configuration
+  end
+  def test_env_configuration_remote_port
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return(':6996')
+    conf = AutoConfigurator.env_configuration
+    assert_equal JcopRemoteTransport, conf[:class]
+    assert_equal({:host => '127.0.0.1', :port => 6996}, conf[:opts])
+  end  
+  def test_env_configuration_remote_noport
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return(':')
+    conf = AutoConfigurator.env_configuration
+    assert_equal JcopRemoteTransport, conf[:class]
+    assert_equal({:host => '127.0.0.1', :port => 8050}, conf[:opts])
+  end
+  def test_env_configuration_remote_host_port
+    flexmock(ENV).should_receive(:[]).with(@env_var).
+                  and_return('@moonstone:6996')
+    conf = AutoConfigurator.env_configuration
+    assert_equal JcopRemoteTransport, conf[:class]
+    assert_equal({:host => 'moonstone', :port => 6996}, conf[:opts])
+  end
+  def test_env_configuration_remote_host_noport    
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return('@moonstone')
+    conf = AutoConfigurator.env_configuration
+    assert_equal JcopRemoteTransport, conf[:class]
+    assert_equal({:host => 'moonstone', :port => 8050}, conf[:opts])
+  end
+  def test_env_configuration_remote_ipv6_port
+    flexmock(ENV).should_receive(:[]).with(@env_var).
+                  and_return('@ff80::0080:6996')
+    conf = AutoConfigurator.env_configuration
+    assert_equal JcopRemoteTransport, conf[:class]
+    assert_equal({:host => 'ff80::0080', :port => 6996}, conf[:opts])
+  end
+  def test_env_configuration_remote_ipv6_noport
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return('@ff80::0080:')
+    conf = AutoConfigurator.env_configuration
+    assert_equal JcopRemoteTransport, conf[:class]
+    assert_equal({:host => 'ff80::0080', :port => 8050}, conf[:opts])
+  end
+
+  def test_env_configuration_pcsc_reader_index
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return('#1')
+    conf = AutoConfigurator.env_configuration
+    assert_equal PcscTransport, conf[:class]
+    assert_equal({:reader_index => 0}, conf[:opts])
+  end
+  def test_env_configuration_pcsc_reader_name
+    reader_name = 'Awesome Reader'
+    flexmock(ENV).should_receive(:[]).with(@env_var).
+                and_return(reader_name)
+    conf = AutoConfigurator.env_configuration
+    assert_equal PcscTransport, conf[:class]
+    assert_equal({:reader_name => reader_name}, conf[:opts])
+  end
+  
+  def test_try_transport
+    transport = Object.new
+    flexmock(PcscTransport).should_receive(:new).with(:reader_index => 1).
+                            and_return(transport)
+    flexmock(transport).should_receive(:connect)
+    flexmock(PcscTransport).should_receive(:new).with(:reader_index => 2).
+                            and_raise('Boom headshot')
+    failport = Object.new
+    flexmock(PcscTransport).should_receive(:new).with(:reader_index => 3).
+                            and_return(failport)    
+    flexmock(failport).should_receive(:connect).and_raise('Lag')
+    
+    config = { :class => PcscTransport, :opts => {:reader_index => 1} }
+    assert_equal transport, AutoConfigurator.try_transport(config)
+    config = { :class => PcscTransport, :opts => {:reader_index => 2} }
+    assert_equal nil, AutoConfigurator.try_transport(config)
+    config = { :class => PcscTransport, :opts => {:reader_index => 3} }
+    assert_equal nil, AutoConfigurator.try_transport(config)
+  end
+  
+  def test_auto_transport_uses_env
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return('#1')
+    transport = Object.new
+    flexmock(PcscTransport).should_receive(:new).with(:reader_index => 0).
+                            and_return(transport)
+    flexmock(transport).should_receive(:connect)
+    
+    assert_equal transport, AutoConfigurator.auto_transport
+  end
+  
+  def test_auto_transport_with_defaults
+    flexmock(ENV).should_receive(:[]).with(@env_var).and_return(nil)
+    transport = Object.new
+    flexmock(JcopRemoteTransport).should_receive(:new).and_return(nil)
+    flexmock(PcscTransport).should_receive(:new).and_return(transport)
+    flexmock(transport).should_receive(:connect)    
+        
+    assert_equal transport, AutoConfigurator.auto_transport
+  end
+end

data/test/transport/test_java_card_mixin.rb

@@ -0,0 +1,90 @@
+require 'test/unit'
+
+require 'rubygems'
+require 'flexmock/test_unit'
+
+require 'tem_ruby'
+
+class JavaCardMixinTest < Test::Unit::TestCase
+  JavaCardMixin = Tem::Transport::JavaCardMixin
+  
+  # The sole purpose of this class is wrapping the mixin under test.
+  class MixinWrapper
+    include JavaCardMixin
+  end
+  
+  def setup
+  end
+
+  def test_serialize_apdu
+    s = lambda { |apdu| JavaCardMixin.serialize_apdu apdu }
+
+    assert_equal [0x00, 0x05, 0x00, 0x00, 0x00], s[:ins => 0x05],
+                 'Specified INS'
+    assert_equal [0x00, 0x09, 0x00, 0x01, 0x00], s[:ins => 0x09, :p2 => 0x01],
+                 'Specified INS and P2'
+    assert_equal [0x00, 0xF9, 0xAC, 0xEF, 0x00],
+                 s[:ins => 0xF9, :p1 => 0xAC, :p2 => 0xEF],
+                 'Specified INS, P1, P2'
+    assert_equal [0x00, 0xFA, 0xAD, 0xEC, 0x00],
+                 s[:ins => 0xFA, :p12 => [0xAD, 0xEC]],
+                 'Specified INS, P1+P2'
+    assert_equal [0x00, 0x0E, 0x00, 0x00, 0x04, 0x33, 0x95, 0x81, 0x63],
+                 s[:ins => 0x0E, :data => [0x33, 0x95, 0x81, 0x63]],
+                 'Specified INS and DATA'
+    assert_equal [0x80, 0x0F, 0xBA, 0xBE, 0x03, 0x31, 0x41, 0x59],
+                 s[:cla => 0x80, :ins => 0x0F, :p1 => 0xBA, :p2 => 0xBE,
+                   :data => [0x31, 0x41, 0x59]],
+                 'Specified everything'
+    assert_raise(RuntimeError, 'Did not specify INS') do
+      s[:cla => 0x80, :p1 => 0xBA, :p2 => 0xBE, :data => [0x31, 0x41, 0x59]]
+    end
+  end
+  
+  def test_deserialize_response
+    d = lambda { |response| JavaCardMixin.deserialize_response response }
+    
+    assert_equal({ :status => 0x9000, :data => [] }, d[[0x90, 0x00]])
+    assert_equal({ :status => 0x8631, :data => [] }, d[[0x86, 0x31]])
+    assert_equal({ :status => 0x9000, :data => [0x31, 0x41, 0x59, 0x26] },
+                 d[[0x31, 0x41, 0x59, 0x26, 0x90, 0x00]])
+    assert_equal({ :status => 0x7395, :data => [0x31, 0x41, 0x59, 0x26] },
+                 d[[0x31, 0x41, 0x59, 0x26, 0x73, 0x95]])
+  end
+  
+  def win_mock
+    mock = MixinWrapper.new
+    flexmock(mock).should_receive(:exchange_apdu).
+                   with([0x00, 0xF9, 0xAC, 0x00, 0x02, 0x31, 0x41]).
+                   and_return([0x67, 0x31, 0x90, 0x00])
+    mock
+  end  
+  def win_apdu
+    {:ins => 0xF9, :p1 => 0xAC, :data => [0x31, 0x41]}
+  end
+  
+  def lose_mock
+    mock = MixinWrapper.new
+    flexmock(mock).should_receive(:exchange_apdu).
+                   with([0x00, 0xF9, 0xAC, 0x00, 0x02, 0x31, 0x41]).
+                   and_return([0x86, 0x31])
+    mock
+  end  
+  def lose_apdu
+    win_apdu
+  end
+
+  def test_applet_apdu
+    assert_equal({:status => 0x9000, :data => [0x67, 0x31]},
+                 win_mock.applet_apdu(win_apdu))
+    assert_equal({:status => 0x8631, :data => []},
+                 lose_mock.applet_apdu(lose_apdu))
+  end
+  
+  def test_applet_apdu_bang
+    assert_equal [0x67, 0x31], win_mock.applet_apdu!(win_apdu)
+    assert_raise(RuntimeError) do
+      lose_mock.applet_apdu!(lose_apdu)
+    end
+  end
+end

data/test/transport/test_jcop_remote.rb

@@ -0,0 +1,82 @@
+require 'test/unit'
+
+require 'rubygems'
+require 'flexmock/test_unit'
+
+require 'tem_ruby'
+
+# Tests JcopRemoteProtocol, JcopRemoteServer, and JcopRemoteTransport.
+class JcopRemoteTest < Test::Unit::TestCase
+  Protocol = Tem::Transport::JcopRemoteProtocol
+  Server = Tem::Transport::JcopRemoteServer
+  Transport = Tem::Transport::JcopRemoteTransport
+  
+  # Serving logic that records what it receives and replays a log.
+  class Logic
+    include Protocol
+    attr_reader :received
+    def initialize(responses)
+      @responses = responses
+      @received = []
+    end
+    def connection_start
+      @received << :start
+    end
+    def connection_end
+      @received << :end
+    end
+    def exchange_apdu(apdu)
+      @received << apdu
+      @responses.shift
+    end
+  end
+  
+  def setup
+    @server = Server.new(:ip => '127.0.0.1', :port => 51995)
+    @client = Transport.new :host => '127.0.0.1', :port => 51995
+    @old_abort_on_exception = Thread.abort_on_exception
+    Thread.abort_on_exception = true
+  end
+  
+  def teardown
+    Thread.abort_on_exception = @old_abort_on_exception
+    @server.stop
+  end
+
+  def test_apdu_exchange
+    apdu_request = [0x31, 0x41, 0x59, 0x26, 0x53]
+    apdu_response = [0x27, 0x90, 0x00]
+    
+    logic = Logic.new([apdu_response])
+    Thread.new do
+      begin
+        @server.run logic
+      rescue Exception
+        print $!, "\n"
+        print $!.backtrace.join("\n")
+        raise
+      end
+    end
+    Kernel.sleep 0.05  # Wait for the server to start up.
+    @client.connect
+    assert_equal apdu_response, @client.exchange_apdu(apdu_request)
+    @client.disconnect
+    Kernel.sleep 0.05  # Wait for the server to process the disconnect.
+    assert_equal [:start, apdu_request, :end], logic.received
+  end
+  
+  def test_java_card_integration
+    apdu_request = [0x00, 0x31, 0x41, 0x59, 0x00]
+    apdu_response = [0x27, 0x90, 0x00]
+
+    logic = Logic.new([apdu_response])
+    Thread.new { @server.run logic }
+    Kernel.sleep 0.05  # Wait for the server to start up.
+    @client.connect
+    assert_equal [0x27],
+                 @client.applet_apdu!(:ins => 0x31, :p1 => 0x41, :p2 => 0x59)
+    @client.disconnect
+    Kernel.sleep 0.05  # Wait for the server to process the disconnect.
+    assert_equal [:start, apdu_request, :end], logic.received
+  end
+end