vacman_controller 0.8.0 → 0.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a360beaa57827bbf141c8950a6c710b45d36407b
-  data.tar.gz: 763194f1e0d63f46459631545c8604429a0b0d92
+  metadata.gz: e0ca16e795a315dcd5ef2264252c02822ee49dea
+  data.tar.gz: 8ae0fdc80a88b506d2bb6c15791e12c3a13122ab
 SHA512:
-  metadata.gz: d9764b70e7b0d0523ef1e48b9edf5714afaf3db4fef884bf4e13c917b81a2e40f896c315e65cd8a0fdf04a51289a6359acdbcb5ca62c2cd5e3f0a80b8846718f
-  data.tar.gz: 410138647a65b8106aa8517be8551dc45a240a0891df397f6f3a9f91bd3af22e9bc0f4b6a00dd5722e4de52e1e9b49fd573ff9bafcf0c98bbc283d4f20f8c0e6
+  metadata.gz: 27ec0832a4df5c74031f088cccebcc86be7356b344c4d2f68499293260c5df18d737f3994d5b1e586618fecd733e0d26703300998b6c601867464a680294a8fb
+  data.tar.gz: 18c0f21970fddd3cb094715040ba578b7919d025689545cbea7cbc7e7fed330d2c3a73a61026120aaf11a3f1c6a3946201cfb0fb469754536a7578cb769d3bdb

data/ext/vacman_controller/dpx.c

@@ -31,11 +31,26 @@ VALUE vacman_dpx_import(VALUE module, VALUE filename, VALUE key) {
                                  appl_names,
                                  &token_count);
 
+  /* Open the DPX */
   if (result != 0) {
     vacman_library_error("AAL2DPXInit", result);
     return Qnil;
   }
 
+  /* Get static vector for token activation code generation */
+  aat_ascii sw_out_static_vector[4094+1];
+  aat_int32 sw_out_static_vector_len = sizeof(sw_out_static_vector);
+  result = AAL2DPXGetStaticVector(&dpx_handle,
+                                  &g_KernelParms,
+                                  sw_out_static_vector,
+                                  &sw_out_static_vector_len);
+
+  /* If no static vector is present, clear the buffer */
+  if (result != 0) {
+    memset(sw_out_static_vector, 0, sizeof(sw_out_static_vector));
+  }
+
+  /* Get the tokens */
   aat_ascii sw_out_serial_No[22+1];
   aat_ascii sw_out_type[5+1];
   aat_ascii sw_out_authmode[2+1];
@@ -62,7 +77,7 @@ VALUE vacman_dpx_import(VALUE module, VALUE filename, VALUE key) {
 
     VALUE hash = rb_hash_new();
 
-    vacman_digipass_to_rbhash(&dpdata, hash);
+    vacman_digipass_to_rbhash_sv(&dpdata, sw_out_static_vector, hash);
 
     rb_ary_push(list, hash);
   }
@@ -71,3 +86,42 @@ VALUE vacman_dpx_import(VALUE module, VALUE filename, VALUE key) {
 
   return list;
 }
+
+
+/*
+ * Generate token activation code
+ */
+VALUE vacman_dpx_generate_token_activation(VALUE module, VALUE token) {
+  TDigipassBlob dpdata;
+
+  aat_ascii static_vector[4094+1];
+  vacman_rbhash_to_digipass_sv(token, &dpdata, static_vector, sizeof(static_vector));
+
+  TDigipassBlob *dpdata_ary[8] = { &dpdata, 0, 0, 0, 0, 0, 0, 0 };
+
+  aat_int32 actv_flags = ACTV_OFFLINE;
+  aat_ascii serial_num[14+1];
+  aat_ascii actv_code[4142+1];
+
+  aat_int32 result = AAL2GenActivationCodeXErc(dpdata_ary,     /* DPData */
+                                               1,              /* Appl_count */
+                                               &g_KernelParms, /* CallParms */
+                                               static_vector,  /* aStaticVectorIn DIGIPASS parameter setting */
+                                               NULL,           /* aSharedData for encryption */
+                                               NULL,           /* aAlea for encryption */
+                                               &actv_flags,    /* ActivationFlags */
+                                               serial_num,     /* aSerialNumberSuffix */
+                                               actv_code,      /* aXFAD */
+                                               NULL);          /* aXERC */
+
+  if (result != 0) {
+    vacman_library_error("AAL2GenActivationCodeXErc", result);
+    return Qnil;
+  }
+
+  VALUE ret = rb_hash_new();
+  rb_hash_aset(ret, rb_str_new2("serial"), rb_str_new2(serial_num));
+  rb_hash_aset(ret, rb_str_new2("activation"), rb_str_new2(actv_code));
+
+  return ret;
+}

data/ext/vacman_controller/main.c

@@ -22,7 +22,10 @@ void Init_vacman_low_level(void) {
 
   /* Global methods */
   rb_define_singleton_method(lowlevel, "library_version",       vacman_library_version, 0);
+
+  /* DPX methods */
   rb_define_singleton_method(lowlevel, "import",                vacman_dpx_import, 2);
+  rb_define_singleton_method(lowlevel, "generate_activation",   vacman_dpx_generate_token_activation, 1);
 
   /* Token methods */
   rb_define_singleton_method(lowlevel, "token_property_names",  vacman_token_get_property_names, 0);

data/ext/vacman_controller/serialize.c

@@ -36,7 +36,30 @@ void vacman_rbhash_to_digipass(VALUE token, TDigipassBlob* dpdata) {
 }
 
 /*
- * Convert a TDigipassBlob structure into a Ruby Hash
+ * Convert a Ruby Hash with the required keys to a TDigipassBlob structure,
+ * and extract the token static vector into the buffer pointed to by dpsv,
+ * copying at most dpsv_len bytes.
+ *
+ * The inner beauty of using an hash to store this data back and forth is
+ * that optional data such as the static vector can only be taken into account
+ * in routines that need it, leaving it completely opaque for the rest of the
+ * code.
+ *
+ * Given that the token hash is meant to be updated by the calls, and given
+ * that everything is allocated on the stack, this stays threadsafe and does
+ * not induce oddities as no routine here is removing keys from the provided
+ * hash - only using the ones that are needed.
+ */
+void vacman_rbhash_to_digipass_sv(VALUE token, TDigipassBlob* dpdata, aat_ascii* dpsv, aat_int32 dpsv_len) {
+  vacman_rbhash_to_digipass(token, dpdata);
+
+  VALUE sv = rbhash_get_key(token, "sv", T_STRING);
+
+  strncpy(dpsv, rb_string_value_cstr(&sv), dpsv_len);
+}
+
+/*
+ * Convert a TDigipassBlob structure into a Ruby Hash.
  */
 void vacman_digipass_to_rbhash(TDigipassBlob* dpdata, VALUE hash) {
   char buffer[256];
@@ -57,6 +80,19 @@ void vacman_digipass_to_rbhash(TDigipassBlob* dpdata, VALUE hash) {
   rb_hash_aset(hash, rb_str_new2("flags2"), rb_fix_new(dpdata->DPFlags[1]));
 }
 
+/*
+ * Convert the given TDigipassBlob and the given token static vector into a
+ * Ruby hash.
+ *
+ * Calls vacman_digipass_to_rbhash() and then adds to it the additional "sv"
+ * key with the token static vector passed in as a C string.
+ */
+void vacman_digipass_to_rbhash_sv(TDigipassBlob* dpdata, aat_ascii* dpsv, VALUE hash) {
+  vacman_digipass_to_rbhash(dpdata, hash);
+
+  rb_hash_aset(hash, rb_str_new2("sv"), rb_str_new2(dpsv));
+}
+
 /*
  * Gets the given property from the given token hash and raises an Error
  * if the following conditions occur:

data/ext/vacman_controller/vacman_controller.h

@@ -37,11 +37,15 @@ VALUE vacman_token_verify_password(VALUE module, VALUE token, VALUE password);
 VALUE vacman_token_generate_password(VALUE module, VALUE token);
 
 /* Token interchange format between Ruby and libaal2 (serialize.c) */
-void vacman_rbhash_to_digipass(VALUE token, TDigipassBlob* dpdata);
 void vacman_digipass_to_rbhash(TDigipassBlob* dpdata, VALUE hash);
+void vacman_digipass_to_rbhash_sv(TDigipassBlob* dpdata, aat_ascii* dpsv, VALUE hash);
+
+void vacman_rbhash_to_digipass(VALUE token, TDigipassBlob* dpdata);
+void vacman_rbhash_to_digipass_sv(VALUE token, TDigipassBlob* dpdata, aat_ascii* dpsv, aat_int32 dpsv_len);
 
 /* DPX methods (dpx.c) */
 VALUE vacman_dpx_import(VALUE module, VALUE filename, VALUE key);
+VALUE vacman_dpx_generate_token_activation(VALUE module, VALUE token);
 
 #if defined(__cplusplus)
 #if 0

data/lib/vacman_controller/token.rb

@@ -79,8 +79,8 @@ module VacmanController
     end
 
 
-    # Generate an OTPfrom this token. This does the same as hitting the button
-    # on the hardware token.
+    # Generate an OTP from this token. This does the same as hitting the
+    # button on the hardware token.
     #
     # == Returns:
     # The OTP as a String. The OTP is only valid for a limited time period.
@@ -92,6 +92,24 @@ module VacmanController
     end
 
 
+    # Generate activation data from the token blob and the digipass parameters
+    # embodied in the token static initialisation vector.
+    #
+    # == Returns:
+    # The token serial number and the activation code as an Array, suitable
+    # for multiple assignment.
+    #
+    # Not all tokens support activation data generation. This is determined by
+    # the DPX having a static vector or not. You can check whether your token
+    # instance has a static vector by assessing the presence of the 'sv' key
+    # in the token hash.
+    #
+    def activation
+      ad = VacmanController::LowLevel.generate_activation(@token_hash)
+      [ ad.fetch('serial').scan(/\d(\d)/).flatten.join, ad.fetch('activation') ]
+    end
+
+
     # Set this token's PIN
     #
     # == Parameters:

data/lib/vacman_controller/version.rb

@@ -1,3 +1,3 @@
 module VacmanController
-  VERSION = '0.8.0'
+  VERSION = '0.9.0'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: vacman_controller
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 0.9.0
 platform: ruby
 authors:
 - Marcus Lankenau
@@ -137,7 +137,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2.3
+rubygems_version: 2.5.2
 signing_key: 
 specification_version: 4
 summary: Ruby layer to access VASCO Vacman Controller functions