Convert remaining APIs to Result<(), ErrorKind>
This commit is contained in:
+18
-27
@@ -311,7 +311,7 @@ pub unsafe fn ykpiv_util_list_keys(
|
|||||||
data_len: *mut usize,
|
data_len: *mut usize,
|
||||||
) -> Result<(), ErrorKind> {
|
) -> Result<(), ErrorKind> {
|
||||||
let mut _currentBlock;
|
let mut _currentBlock;
|
||||||
let mut res: ErrorKind = ErrorKind::Ok;
|
let mut res = Ok(());
|
||||||
let mut p_key: *mut YkPivKey;
|
let mut p_key: *mut YkPivKey;
|
||||||
let mut p_data: *mut u8 = ptr::null_mut();
|
let mut p_data: *mut u8 = ptr::null_mut();
|
||||||
let mut p_temp: *mut u8;
|
let mut p_temp: *mut u8;
|
||||||
@@ -353,7 +353,7 @@ pub unsafe fn ykpiv_util_list_keys(
|
|||||||
cb_buf = buf.len();
|
cb_buf = buf.len();
|
||||||
res = _read_certificate(state, SLOTS[i], buf.as_mut_ptr(), &mut cb_buf);
|
res = _read_certificate(state, SLOTS[i], buf.as_mut_ptr(), &mut cb_buf);
|
||||||
|
|
||||||
if res == ErrorKind::Ok && (cb_buf > 0) {
|
if res.is_ok() && (cb_buf > 0) {
|
||||||
cb_realloc = if mem::size_of::<YkPivKey>()
|
cb_realloc = if mem::size_of::<YkPivKey>()
|
||||||
.wrapping_add(cb_buf)
|
.wrapping_add(cb_buf)
|
||||||
.wrapping_sub(1)
|
.wrapping_sub(1)
|
||||||
@@ -419,9 +419,9 @@ pub unsafe fn ykpiv_util_list_keys(
|
|||||||
if !data_len.is_null() {
|
if !data_len.is_null() {
|
||||||
*data_len = offset;
|
*data_len = offset;
|
||||||
}
|
}
|
||||||
res = ErrorKind::Ok;
|
res = Ok(());
|
||||||
} else {
|
} else {
|
||||||
res = ErrorKind::MemoryError;
|
res = Err(ErrorKind::MemoryError);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -430,10 +430,7 @@ pub unsafe fn ykpiv_util_list_keys(
|
|||||||
}
|
}
|
||||||
|
|
||||||
_ykpiv_end_transaction(state);
|
_ykpiv_end_transaction(state);
|
||||||
match res {
|
res
|
||||||
ErrorKind::Ok => Ok(()),
|
|
||||||
e => Err(e),
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Read certificate
|
/// Read certificate
|
||||||
@@ -443,7 +440,7 @@ pub unsafe fn ykpiv_util_read_cert(
|
|||||||
data: *mut *mut u8,
|
data: *mut *mut u8,
|
||||||
data_len: *mut usize,
|
data_len: *mut usize,
|
||||||
) -> Result<(), ErrorKind> {
|
) -> Result<(), ErrorKind> {
|
||||||
let mut res: ErrorKind = ErrorKind::Ok;
|
let mut res = Ok(());
|
||||||
let mut buf = [0u8; YKPIV_OBJ_MAX_SIZE];
|
let mut buf = [0u8; YKPIV_OBJ_MAX_SIZE];
|
||||||
let mut cb_buf: usize = buf.len();
|
let mut cb_buf: usize = buf.len();
|
||||||
|
|
||||||
@@ -457,7 +454,7 @@ pub unsafe fn ykpiv_util_read_cert(
|
|||||||
*data = ptr::null_mut();
|
*data = ptr::null_mut();
|
||||||
*data_len = 0;
|
*data_len = 0;
|
||||||
res = _read_certificate(state, slot, buf.as_mut_ptr(), &mut cb_buf);
|
res = _read_certificate(state, slot, buf.as_mut_ptr(), &mut cb_buf);
|
||||||
if res == ErrorKind::Ok {
|
if res.is_ok() {
|
||||||
if cb_buf == 0 {
|
if cb_buf == 0 {
|
||||||
*data = ptr::null_mut();
|
*data = ptr::null_mut();
|
||||||
*data_len = 0;
|
*data_len = 0;
|
||||||
@@ -467,7 +464,7 @@ pub unsafe fn ykpiv_util_read_cert(
|
|||||||
}
|
}
|
||||||
.is_null()
|
.is_null()
|
||||||
{
|
{
|
||||||
res = ErrorKind::MemoryError;
|
res = Err(ErrorKind::MemoryError);
|
||||||
} else {
|
} else {
|
||||||
memcpy(
|
memcpy(
|
||||||
*data as (*mut c_void),
|
*data as (*mut c_void),
|
||||||
@@ -480,10 +477,7 @@ pub unsafe fn ykpiv_util_read_cert(
|
|||||||
}
|
}
|
||||||
|
|
||||||
_ykpiv_end_transaction(state);
|
_ykpiv_end_transaction(state);
|
||||||
match res {
|
res
|
||||||
ErrorKind::Ok => Ok(()),
|
|
||||||
e => Err(e),
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Write certificate
|
/// Write certificate
|
||||||
@@ -1404,7 +1398,7 @@ pub unsafe fn ykpiv_util_get_config(
|
|||||||
let mut cb_data: usize = mem::size_of::<[u8; YKPIV_OBJ_MAX_SIZE]>();
|
let mut cb_data: usize = mem::size_of::<[u8; YKPIV_OBJ_MAX_SIZE]>();
|
||||||
let mut p_item: *mut u8 = ptr::null_mut();
|
let mut p_item: *mut u8 = ptr::null_mut();
|
||||||
let mut cb_item: usize = 0;
|
let mut cb_item: usize = 0;
|
||||||
let res = ErrorKind::Ok;
|
let mut res = Ok(());
|
||||||
|
|
||||||
if config.is_null() {
|
if config.is_null() {
|
||||||
return Err(ErrorKind::GenericError);
|
return Err(ErrorKind::GenericError);
|
||||||
@@ -1485,7 +1479,7 @@ pub unsafe fn ykpiv_util_get_config(
|
|||||||
if _read_metadata(state, 0x88u8, data.as_mut_ptr(), &mut cb_data).is_ok() {
|
if _read_metadata(state, 0x88u8, data.as_mut_ptr(), &mut cb_data).is_ok() {
|
||||||
(*config).protected_data_available = 1u8;
|
(*config).protected_data_available = 1u8;
|
||||||
|
|
||||||
let res = _get_metadata_item(
|
res = _get_metadata_item(
|
||||||
data.as_mut_ptr(),
|
data.as_mut_ptr(),
|
||||||
cb_data,
|
cb_data,
|
||||||
0x81u8,
|
0x81u8,
|
||||||
@@ -1497,7 +1491,7 @@ pub unsafe fn ykpiv_util_get_config(
|
|||||||
(*config).puk_noblock_on_upgrade = 1u8;
|
(*config).puk_noblock_on_upgrade = 1u8;
|
||||||
}
|
}
|
||||||
|
|
||||||
let res = _get_metadata_item(
|
res = _get_metadata_item(
|
||||||
data.as_mut_ptr(),
|
data.as_mut_ptr(),
|
||||||
cb_data,
|
cb_data,
|
||||||
0x89u8,
|
0x89u8,
|
||||||
@@ -1519,10 +1513,7 @@ pub unsafe fn ykpiv_util_get_config(
|
|||||||
}
|
}
|
||||||
|
|
||||||
_ykpiv_end_transaction(state);
|
_ykpiv_end_transaction(state);
|
||||||
match res {
|
res
|
||||||
ErrorKind::Ok => Ok(()),
|
|
||||||
e => Err(e),
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Set PIN last changed
|
/// Set PIN last changed
|
||||||
@@ -1973,13 +1964,13 @@ unsafe fn _read_certificate(
|
|||||||
slot: u8,
|
slot: u8,
|
||||||
buf: *mut u8,
|
buf: *mut u8,
|
||||||
buf_len: *mut usize,
|
buf_len: *mut usize,
|
||||||
) -> ErrorKind {
|
) -> Result<(), ErrorKind> {
|
||||||
let mut ptr: *mut u8;
|
let mut ptr: *mut u8;
|
||||||
let object_id = ykpiv_util_slot_object(slot) as i32;
|
let object_id = ykpiv_util_slot_object(slot) as i32;
|
||||||
let mut len: usize = 0;
|
let mut len: usize = 0;
|
||||||
|
|
||||||
if object_id == -1 {
|
if object_id == -1 {
|
||||||
return ErrorKind::InvalidObject;
|
return Err(ErrorKind::InvalidObject);
|
||||||
}
|
}
|
||||||
|
|
||||||
if _ykpiv_fetch_object(state, object_id, buf, buf_len).is_ok() {
|
if _ykpiv_fetch_object(state, object_id, buf, buf_len).is_ok() {
|
||||||
@@ -1987,7 +1978,7 @@ unsafe fn _read_certificate(
|
|||||||
|
|
||||||
if *buf_len < CB_OBJ_TAG_MIN {
|
if *buf_len < CB_OBJ_TAG_MIN {
|
||||||
*buf_len = 0;
|
*buf_len = 0;
|
||||||
return ErrorKind::Ok;
|
return Ok(());
|
||||||
} else if *{
|
} else if *{
|
||||||
let _old = ptr;
|
let _old = ptr;
|
||||||
ptr = ptr.offset(1);
|
ptr = ptr.offset(1);
|
||||||
@@ -1998,7 +1989,7 @@ unsafe fn _read_certificate(
|
|||||||
|
|
||||||
if len > *buf_len - (ptr as isize - buf as isize) as usize {
|
if len > *buf_len - (ptr as isize - buf as isize) as usize {
|
||||||
*buf_len = 0;
|
*buf_len = 0;
|
||||||
return ErrorKind::Ok;
|
return Ok(());
|
||||||
} else {
|
} else {
|
||||||
memmove(buf as (*mut c_void), ptr as (*const c_void), len);
|
memmove(buf as (*mut c_void), ptr as (*const c_void), len);
|
||||||
*buf_len = len;
|
*buf_len = len;
|
||||||
@@ -2008,7 +1999,7 @@ unsafe fn _read_certificate(
|
|||||||
*buf_len = 0;
|
*buf_len = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
ErrorKind::Ok
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Write certificate
|
/// Write certificate
|
||||||
|
|||||||
+30
-25
@@ -195,28 +195,28 @@ pub fn ykpiv_init(verbose: i32) -> YubiKey {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/// Cleanup YubiKey session
|
/// Cleanup YubiKey session
|
||||||
pub(crate) unsafe fn _ykpiv_done(state: &mut YubiKey, disconnect: bool) -> ErrorKind {
|
pub(crate) unsafe fn _ykpiv_done(state: &mut YubiKey, disconnect: bool) -> Result<(), ErrorKind> {
|
||||||
if disconnect {
|
if disconnect {
|
||||||
ykpiv_disconnect(state);
|
ykpiv_disconnect(state);
|
||||||
}
|
}
|
||||||
|
|
||||||
_cache_pin(state, ptr::null(), 0);
|
_cache_pin(state, ptr::null(), 0);
|
||||||
ErrorKind::Ok
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Cleanup YubiKey session with external card upon completion
|
/// Cleanup YubiKey session with external card upon completion
|
||||||
// TODO(tarcieri): make this a `Drop` handler
|
// TODO(tarcieri): make this a `Drop` handler
|
||||||
pub unsafe fn ykpiv_done_with_external_card(state: &mut YubiKey) -> ErrorKind {
|
pub unsafe fn ykpiv_done_with_external_card(state: &mut YubiKey) -> Result<(), ErrorKind> {
|
||||||
_ykpiv_done(state, false)
|
_ykpiv_done(state, false)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Cleanup YubiKey session upon completion
|
/// Cleanup YubiKey session upon completion
|
||||||
pub unsafe fn ykpiv_done(state: &mut YubiKey) -> ErrorKind {
|
pub unsafe fn ykpiv_done(state: &mut YubiKey) -> Result<(), ErrorKind> {
|
||||||
_ykpiv_done(state, true)
|
_ykpiv_done(state, true)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Disconnect a YubiKey session
|
/// Disconnect a YubiKey session
|
||||||
pub unsafe fn ykpiv_disconnect(state: &mut YubiKey) -> ErrorKind {
|
pub unsafe fn ykpiv_disconnect(state: &mut YubiKey) -> Result<(), ErrorKind> {
|
||||||
if state.card != 0 {
|
if state.card != 0 {
|
||||||
SCardDisconnect(state.card, 0x1);
|
SCardDisconnect(state.card, 0x1);
|
||||||
state.card = 0i32;
|
state.card = 0i32;
|
||||||
@@ -227,7 +227,7 @@ pub unsafe fn ykpiv_disconnect(state: &mut YubiKey) -> ErrorKind {
|
|||||||
state.context = -1i32;
|
state.context = -1i32;
|
||||||
}
|
}
|
||||||
|
|
||||||
ErrorKind::Ok
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Select application
|
/// Select application
|
||||||
@@ -320,10 +320,14 @@ pub(crate) unsafe fn _ykpiv_ensure_application_selected(
|
|||||||
}
|
}
|
||||||
|
|
||||||
/// Connect to the YubiKey
|
/// Connect to the YubiKey
|
||||||
pub(crate) unsafe fn _ykpiv_connect(state: &mut YubiKey, context: usize, card: usize) -> ErrorKind {
|
pub(crate) unsafe fn _ykpiv_connect(
|
||||||
|
state: &mut YubiKey,
|
||||||
|
context: usize,
|
||||||
|
card: usize,
|
||||||
|
) -> Result<(), ErrorKind> {
|
||||||
// if the context has changed, and the new context is not valid, return an error
|
// if the context has changed, and the new context is not valid, return an error
|
||||||
if context != state.context as (usize) && (0x0i32 != SCardIsValidContext(context as (i32))) {
|
if context != state.context as (usize) && (0x0i32 != SCardIsValidContext(context as (i32))) {
|
||||||
return ErrorKind::PcscError;
|
return Err(ErrorKind::PcscError);
|
||||||
}
|
}
|
||||||
|
|
||||||
// if card handle has changed, determine if handle is valid (less efficient, but complete)
|
// if card handle has changed, determine if handle is valid (less efficient, but complete)
|
||||||
@@ -345,7 +349,7 @@ pub(crate) unsafe fn _ykpiv_connect(state: &mut YubiKey, context: usize, card: u
|
|||||||
&mut atr_len,
|
&mut atr_len,
|
||||||
) != 0
|
) != 0
|
||||||
{
|
{
|
||||||
return ErrorKind::PcscError;
|
return Err(ErrorKind::PcscError);
|
||||||
}
|
}
|
||||||
|
|
||||||
state.is_neo = (atr_len as usize == YKPIV_ATR_NEO_R3.len() - 1)
|
state.is_neo = (atr_len as usize == YKPIV_ATR_NEO_R3.len() - 1)
|
||||||
@@ -367,7 +371,7 @@ pub(crate) unsafe fn _ykpiv_connect(state: &mut YubiKey, context: usize, card: u
|
|||||||
// The applet _is_ selected by ykpiv_connect(), but is not selected when bypassing
|
// The applet _is_ selected by ykpiv_connect(), but is not selected when bypassing
|
||||||
// it with ykpiv_connect_with_external_card().
|
// it with ykpiv_connect_with_external_card().
|
||||||
|
|
||||||
ErrorKind::Ok
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Connect to an external card
|
/// Connect to an external card
|
||||||
@@ -375,7 +379,7 @@ pub unsafe fn ykpiv_connect_with_external_card(
|
|||||||
state: &mut YubiKey,
|
state: &mut YubiKey,
|
||||||
context: usize,
|
context: usize,
|
||||||
card: usize,
|
card: usize,
|
||||||
) -> ErrorKind {
|
) -> Result<(), ErrorKind> {
|
||||||
_ykpiv_connect(state, context, card)
|
_ykpiv_connect(state, context, card)
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -389,11 +393,8 @@ pub unsafe fn ykpiv_connect(state: &mut YubiKey, wanted: *const c_char) -> Resul
|
|||||||
let mut reader_ptr: *mut c_char;
|
let mut reader_ptr: *mut c_char;
|
||||||
let mut card: i32 = -1i32;
|
let mut card: i32 = -1i32;
|
||||||
|
|
||||||
let ret: ErrorKind = ykpiv_list_readers(state, reader_buf.as_mut_ptr(), &mut num_readers);
|
ykpiv_list_readers(state, reader_buf.as_mut_ptr(), &mut num_readers)?;
|
||||||
|
|
||||||
if ret != ErrorKind::Ok {
|
|
||||||
return Err(ret);
|
|
||||||
}
|
|
||||||
reader_ptr = reader_buf.as_mut_ptr();
|
reader_ptr = reader_buf.as_mut_ptr();
|
||||||
loop {
|
loop {
|
||||||
if *reader_ptr == b'\0' as c_char {
|
if *reader_ptr == b'\0' as c_char {
|
||||||
@@ -465,7 +466,7 @@ pub unsafe fn ykpiv_connect(state: &mut YubiKey, wanted: *const c_char) -> Resul
|
|||||||
// at this point, card should not equal state->card,
|
// at this point, card should not equal state->card,
|
||||||
// to allow _ykpiv_connect() to determine device type
|
// to allow _ykpiv_connect() to determine device type
|
||||||
let res = _ykpiv_connect(state, state.context as (usize), card as (usize));
|
let res = _ykpiv_connect(state, state.context as (usize), card as (usize));
|
||||||
if res != ErrorKind::Ok {
|
if res.is_err() {
|
||||||
_currentBlock = 19;
|
_currentBlock = 19;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -504,7 +505,7 @@ pub unsafe fn ykpiv_list_readers(
|
|||||||
state: &mut YubiKey,
|
state: &mut YubiKey,
|
||||||
readers: *mut c_char,
|
readers: *mut c_char,
|
||||||
len: *mut usize,
|
len: *mut usize,
|
||||||
) -> ErrorKind {
|
) -> Result<(), ErrorKind> {
|
||||||
let mut num_readers: u32 = 0u32;
|
let mut num_readers: u32 = 0u32;
|
||||||
let mut rc: i32;
|
let mut rc: i32;
|
||||||
|
|
||||||
@@ -515,7 +516,7 @@ pub unsafe fn ykpiv_list_readers(
|
|||||||
if state.verbose != 0 {
|
if state.verbose != 0 {
|
||||||
eprintln!("error: SCardEstablishContext failed, rc={}", rc);
|
eprintln!("error: SCardEstablishContext failed, rc={}", rc);
|
||||||
}
|
}
|
||||||
return ErrorKind::PcscError;
|
return Err(ErrorKind::PcscError);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -532,7 +533,7 @@ pub unsafe fn ykpiv_list_readers(
|
|||||||
}
|
}
|
||||||
SCardReleaseContext(state.context);
|
SCardReleaseContext(state.context);
|
||||||
state.context = -1i32;
|
state.context = -1i32;
|
||||||
return ErrorKind::PcscError;
|
return Err(ErrorKind::PcscError);
|
||||||
}
|
}
|
||||||
|
|
||||||
if num_readers as (usize) > *len {
|
if num_readers as (usize) > *len {
|
||||||
@@ -550,11 +551,11 @@ pub unsafe fn ykpiv_list_readers(
|
|||||||
|
|
||||||
SCardReleaseContext(state.context);
|
SCardReleaseContext(state.context);
|
||||||
state.context = -1i32;
|
state.context = -1i32;
|
||||||
return ErrorKind::PcscError;
|
return Err(ErrorKind::PcscError);
|
||||||
}
|
}
|
||||||
|
|
||||||
*len = num_readers as usize;
|
*len = num_readers as usize;
|
||||||
ErrorKind::Ok
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Reconnect to a YubiKey
|
/// Reconnect to a YubiKey
|
||||||
@@ -1499,9 +1500,13 @@ pub unsafe fn ykpiv_get_serial(state: &mut YubiKey, p_serial: *mut u32) -> Resul
|
|||||||
|
|
||||||
/// Cache PIN in memory
|
/// Cache PIN in memory
|
||||||
// TODO(tarcieri): better security around the cached PIN
|
// TODO(tarcieri): better security around the cached PIN
|
||||||
pub(crate) unsafe fn _cache_pin(state: &mut YubiKey, pin: *const c_char, len: usize) -> ErrorKind {
|
pub(crate) unsafe fn _cache_pin(
|
||||||
|
state: &mut YubiKey,
|
||||||
|
pin: *const c_char,
|
||||||
|
len: usize,
|
||||||
|
) -> Result<(), ErrorKind> {
|
||||||
if !pin.is_null() && (state.pin as *const c_char == pin) {
|
if !pin.is_null() && (state.pin as *const c_char == pin) {
|
||||||
return ErrorKind::Ok;
|
return Ok(());
|
||||||
}
|
}
|
||||||
|
|
||||||
if !state.pin.is_null() {
|
if !state.pin.is_null() {
|
||||||
@@ -1518,14 +1523,14 @@ pub(crate) unsafe fn _cache_pin(state: &mut YubiKey, pin: *const c_char, len: us
|
|||||||
state.pin = malloc(len + 1) as (*mut u8);
|
state.pin = malloc(len + 1) as (*mut u8);
|
||||||
|
|
||||||
if state.pin.is_null() {
|
if state.pin.is_null() {
|
||||||
return ErrorKind::MemoryError;
|
return Err(ErrorKind::MemoryError);
|
||||||
}
|
}
|
||||||
|
|
||||||
memcpy(state.pin as (*mut c_void), pin as (*const c_void), len);
|
memcpy(state.pin as (*mut c_void), pin as (*const c_void), len);
|
||||||
*state.pin.add(len) = 0u8;
|
*state.pin.add(len) = 0u8;
|
||||||
}
|
}
|
||||||
|
|
||||||
ErrorKind::Ok
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Verify device PIN
|
/// Verify device PIN
|
||||||
|
|||||||
Reference in New Issue
Block a user