Module: NSS

Defined in:
lib/nss.rb

Defined Under Namespace

Classes: Error

Class Method Summary collapse

Class Method Details

.authenticate(password) ⇒ Object 



85
86
87
88
89
 
# File 'lib/nss.rb', line 85

def self.authenticate(password)
  with_internal_key_slot do |slot|
    check_user_password(slot, password)
  end
end

.base64_decode(str, &block) ⇒ Object

Raises:



91
92
93
94
95
96
97
98
99
100
 
# File 'lib/nss.rb', line 91

def self.base64_decode(str, &block)
  str_item = NSSFFI.nss_base64_decode_buffer(nil, nil, str, str.bytesize())
  raise NSS::Error, "cannot decode base64 string" if str_item.nil?

  begin
    yield str_item
  ensure
    NSSFFI.secitem_free_item(str_item, 1)
  end
end

.check_user_password(slot, password) ⇒ Object

Raises:



80
81
82
83
 
# File 'lib/nss.rb', line 80

def self.check_user_password(slot, password)
  res = NSSFFI.pk11_check_user_password(slot, password)
  raise NSS::Error, "authentication failed" unless res == :success
end

.decrypt(b64str) ⇒ Object 



102
103
104
105
106
107
108
109
110
111
 
# File 'lib/nss.rb', line 102

def self.decrypt(b64str)
  base64_decode(b64str) do |str_item|
    with_sec_item do |res_item|
      res = NSSFFI.pk11sdr_decrypt(str_item, res_item, nil)
      raise NSS::Error, "cannot decrypt string" unless res == :success

      res_item.string()
    end
  end
end

.init(profile_path) ⇒ Object

Raises:



64
65
66
67
 
# File 'lib/nss.rb', line 64

def self.init(profile_path)
  res = NSSFFI.nss_init(profile_path.to_s())
  raise NSS::Error, "cannot initialize nss" unless res == :success
end

.with_internal_key_slot(&block) ⇒ Object

Raises:



69
70
71
72
73
74
75
76
77
78
 
# File 'lib/nss.rb', line 69

def self.with_internal_key_slot(&block)
  slot = NSSFFI.pk11_get_internal_key_slot()
  raise NSS::Error, "cannot retrieve internal key slot" if slot.nil?

  begin
    yield slot
  ensure
    NSSFFI.pk11_free_slot(slot)
  end
end

.with_sec_item(&block) ⇒ Object

Raises:



113
114
115
116
117
118
119
120
121
122
 
# File 'lib/nss.rb', line 113

def self.with_sec_item(&block)
  item = NSSFFI.secitem_alloc_item(nil, nil, 0)
  raise NSS::Error, "cannot allocate sec item" if item.nil?

  begin
    yield item
  ensure
    NSSFFI.secitem_free_item(item, 1)
  end
end