module NSS

Public Class Methods

authenticate(password) click to toggle source
# File lib/nss.rb, line 85
def self.authenticate(password)
  with_internal_key_slot do |slot|
    check_user_password(slot, password)
  end
end
base64_decode(str) { |str_item| ... } click to toggle source
# File lib/nss.rb, line 91
def self.base64_decode(str, &block)
  str_item = NSSFFI.nss_base64_decode_buffer(nil, nil, str, str.bytesize())
  raise NSS::Error, "cannot decode base64 string" if str_item.nil?

  begin
    yield str_item
  ensure
    NSSFFI.secitem_free_item(str_item, 1)
  end
end
check_user_password(slot, password) click to toggle source
# File lib/nss.rb, line 80
def self.check_user_password(slot, password)
  res = NSSFFI.pk11_check_user_password(slot, password)
  raise NSS::Error, "authentication failed" unless res == :success
end
decrypt(b64str) click to toggle source
# File lib/nss.rb, line 102
def self.decrypt(b64str)
  base64_decode(b64str) do |str_item|
    with_sec_item do |res_item|
      res = NSSFFI.pk11sdr_decrypt(str_item, res_item, nil)
      raise NSS::Error, "cannot decrypt string" unless res == :success

      res_item.string()
    end
  end
end
init(profile_path) click to toggle source
# File lib/nss.rb, line 64
def self.init(profile_path)
  res = NSSFFI.nss_init(profile_path.to_s())
  raise NSS::Error, "cannot initialize nss" unless res == :success
end
with_internal_key_slot() { |slot| ... } click to toggle source
# File lib/nss.rb, line 69
def self.with_internal_key_slot(&block)
  slot = NSSFFI.pk11_get_internal_key_slot()
  raise NSS::Error, "cannot retrieve internal key slot" if slot.nil?

  begin
    yield slot
  ensure
    NSSFFI.pk11_free_slot(slot)
  end
end
with_sec_item() { |item| ... } click to toggle source
# File lib/nss.rb, line 113
def self.with_sec_item(&block)
  item = NSSFFI.secitem_alloc_item(nil, nil, 0)
  raise NSS::Error, "cannot allocate sec item" if item.nil?

  begin
    yield item
  ensure
    NSSFFI.secitem_free_item(item, 1)
  end
end