Convert remaining APIs to Result<(), ErrorKind>

This commit is contained in:
Jack Grigg
2019-11-20 11:16:44 +00:00
parent 6c03ea89ec
commit 7add9bfa41
2 changed files with 48 additions and 52 deletions
+18 -27
View File
@@ -311,7 +311,7 @@ pub unsafe fn ykpiv_util_list_keys(
data_len: *mut usize, data_len: *mut usize,
) -> Result<(), ErrorKind> { ) -> Result<(), ErrorKind> {
let mut _currentBlock; let mut _currentBlock;
let mut res: ErrorKind = ErrorKind::Ok; let mut res = Ok(());
let mut p_key: *mut YkPivKey; let mut p_key: *mut YkPivKey;
let mut p_data: *mut u8 = ptr::null_mut(); let mut p_data: *mut u8 = ptr::null_mut();
let mut p_temp: *mut u8; let mut p_temp: *mut u8;
@@ -353,7 +353,7 @@ pub unsafe fn ykpiv_util_list_keys(
cb_buf = buf.len(); cb_buf = buf.len();
res = _read_certificate(state, SLOTS[i], buf.as_mut_ptr(), &mut cb_buf); res = _read_certificate(state, SLOTS[i], buf.as_mut_ptr(), &mut cb_buf);
if res == ErrorKind::Ok && (cb_buf > 0) { if res.is_ok() && (cb_buf > 0) {
cb_realloc = if mem::size_of::<YkPivKey>() cb_realloc = if mem::size_of::<YkPivKey>()
.wrapping_add(cb_buf) .wrapping_add(cb_buf)
.wrapping_sub(1) .wrapping_sub(1)
@@ -419,9 +419,9 @@ pub unsafe fn ykpiv_util_list_keys(
if !data_len.is_null() { if !data_len.is_null() {
*data_len = offset; *data_len = offset;
} }
res = ErrorKind::Ok; res = Ok(());
} else { } else {
res = ErrorKind::MemoryError; res = Err(ErrorKind::MemoryError);
} }
} }
@@ -430,10 +430,7 @@ pub unsafe fn ykpiv_util_list_keys(
} }
_ykpiv_end_transaction(state); _ykpiv_end_transaction(state);
match res { res
ErrorKind::Ok => Ok(()),
e => Err(e),
}
} }
/// Read certificate /// Read certificate
@@ -443,7 +440,7 @@ pub unsafe fn ykpiv_util_read_cert(
data: *mut *mut u8, data: *mut *mut u8,
data_len: *mut usize, data_len: *mut usize,
) -> Result<(), ErrorKind> { ) -> Result<(), ErrorKind> {
let mut res: ErrorKind = ErrorKind::Ok; let mut res = Ok(());
let mut buf = [0u8; YKPIV_OBJ_MAX_SIZE]; let mut buf = [0u8; YKPIV_OBJ_MAX_SIZE];
let mut cb_buf: usize = buf.len(); let mut cb_buf: usize = buf.len();
@@ -457,7 +454,7 @@ pub unsafe fn ykpiv_util_read_cert(
*data = ptr::null_mut(); *data = ptr::null_mut();
*data_len = 0; *data_len = 0;
res = _read_certificate(state, slot, buf.as_mut_ptr(), &mut cb_buf); res = _read_certificate(state, slot, buf.as_mut_ptr(), &mut cb_buf);
if res == ErrorKind::Ok { if res.is_ok() {
if cb_buf == 0 { if cb_buf == 0 {
*data = ptr::null_mut(); *data = ptr::null_mut();
*data_len = 0; *data_len = 0;
@@ -467,7 +464,7 @@ pub unsafe fn ykpiv_util_read_cert(
} }
.is_null() .is_null()
{ {
res = ErrorKind::MemoryError; res = Err(ErrorKind::MemoryError);
} else { } else {
memcpy( memcpy(
*data as (*mut c_void), *data as (*mut c_void),
@@ -480,10 +477,7 @@ pub unsafe fn ykpiv_util_read_cert(
} }
_ykpiv_end_transaction(state); _ykpiv_end_transaction(state);
match res { res
ErrorKind::Ok => Ok(()),
e => Err(e),
}
} }
/// Write certificate /// Write certificate
@@ -1404,7 +1398,7 @@ pub unsafe fn ykpiv_util_get_config(
let mut cb_data: usize = mem::size_of::<[u8; YKPIV_OBJ_MAX_SIZE]>(); let mut cb_data: usize = mem::size_of::<[u8; YKPIV_OBJ_MAX_SIZE]>();
let mut p_item: *mut u8 = ptr::null_mut(); let mut p_item: *mut u8 = ptr::null_mut();
let mut cb_item: usize = 0; let mut cb_item: usize = 0;
let res = ErrorKind::Ok; let mut res = Ok(());
if config.is_null() { if config.is_null() {
return Err(ErrorKind::GenericError); return Err(ErrorKind::GenericError);
@@ -1485,7 +1479,7 @@ pub unsafe fn ykpiv_util_get_config(
if _read_metadata(state, 0x88u8, data.as_mut_ptr(), &mut cb_data).is_ok() { if _read_metadata(state, 0x88u8, data.as_mut_ptr(), &mut cb_data).is_ok() {
(*config).protected_data_available = 1u8; (*config).protected_data_available = 1u8;
let res = _get_metadata_item( res = _get_metadata_item(
data.as_mut_ptr(), data.as_mut_ptr(),
cb_data, cb_data,
0x81u8, 0x81u8,
@@ -1497,7 +1491,7 @@ pub unsafe fn ykpiv_util_get_config(
(*config).puk_noblock_on_upgrade = 1u8; (*config).puk_noblock_on_upgrade = 1u8;
} }
let res = _get_metadata_item( res = _get_metadata_item(
data.as_mut_ptr(), data.as_mut_ptr(),
cb_data, cb_data,
0x89u8, 0x89u8,
@@ -1519,10 +1513,7 @@ pub unsafe fn ykpiv_util_get_config(
} }
_ykpiv_end_transaction(state); _ykpiv_end_transaction(state);
match res { res
ErrorKind::Ok => Ok(()),
e => Err(e),
}
} }
/// Set PIN last changed /// Set PIN last changed
@@ -1973,13 +1964,13 @@ unsafe fn _read_certificate(
slot: u8, slot: u8,
buf: *mut u8, buf: *mut u8,
buf_len: *mut usize, buf_len: *mut usize,
) -> ErrorKind { ) -> Result<(), ErrorKind> {
let mut ptr: *mut u8; let mut ptr: *mut u8;
let object_id = ykpiv_util_slot_object(slot) as i32; let object_id = ykpiv_util_slot_object(slot) as i32;
let mut len: usize = 0; let mut len: usize = 0;
if object_id == -1 { if object_id == -1 {
return ErrorKind::InvalidObject; return Err(ErrorKind::InvalidObject);
} }
if _ykpiv_fetch_object(state, object_id, buf, buf_len).is_ok() { if _ykpiv_fetch_object(state, object_id, buf, buf_len).is_ok() {
@@ -1987,7 +1978,7 @@ unsafe fn _read_certificate(
if *buf_len < CB_OBJ_TAG_MIN { if *buf_len < CB_OBJ_TAG_MIN {
*buf_len = 0; *buf_len = 0;
return ErrorKind::Ok; return Ok(());
} else if *{ } else if *{
let _old = ptr; let _old = ptr;
ptr = ptr.offset(1); ptr = ptr.offset(1);
@@ -1998,7 +1989,7 @@ unsafe fn _read_certificate(
if len > *buf_len - (ptr as isize - buf as isize) as usize { if len > *buf_len - (ptr as isize - buf as isize) as usize {
*buf_len = 0; *buf_len = 0;
return ErrorKind::Ok; return Ok(());
} else { } else {
memmove(buf as (*mut c_void), ptr as (*const c_void), len); memmove(buf as (*mut c_void), ptr as (*const c_void), len);
*buf_len = len; *buf_len = len;
@@ -2008,7 +1999,7 @@ unsafe fn _read_certificate(
*buf_len = 0; *buf_len = 0;
} }
ErrorKind::Ok Ok(())
} }
/// Write certificate /// Write certificate
+30 -25
View File
@@ -195,28 +195,28 @@ pub fn ykpiv_init(verbose: i32) -> YubiKey {
} }
/// Cleanup YubiKey session /// Cleanup YubiKey session
pub(crate) unsafe fn _ykpiv_done(state: &mut YubiKey, disconnect: bool) -> ErrorKind { pub(crate) unsafe fn _ykpiv_done(state: &mut YubiKey, disconnect: bool) -> Result<(), ErrorKind> {
if disconnect { if disconnect {
ykpiv_disconnect(state); ykpiv_disconnect(state);
} }
_cache_pin(state, ptr::null(), 0); _cache_pin(state, ptr::null(), 0);
ErrorKind::Ok Ok(())
} }
/// Cleanup YubiKey session with external card upon completion /// Cleanup YubiKey session with external card upon completion
// TODO(tarcieri): make this a `Drop` handler // TODO(tarcieri): make this a `Drop` handler
pub unsafe fn ykpiv_done_with_external_card(state: &mut YubiKey) -> ErrorKind { pub unsafe fn ykpiv_done_with_external_card(state: &mut YubiKey) -> Result<(), ErrorKind> {
_ykpiv_done(state, false) _ykpiv_done(state, false)
} }
/// Cleanup YubiKey session upon completion /// Cleanup YubiKey session upon completion
pub unsafe fn ykpiv_done(state: &mut YubiKey) -> ErrorKind { pub unsafe fn ykpiv_done(state: &mut YubiKey) -> Result<(), ErrorKind> {
_ykpiv_done(state, true) _ykpiv_done(state, true)
} }
/// Disconnect a YubiKey session /// Disconnect a YubiKey session
pub unsafe fn ykpiv_disconnect(state: &mut YubiKey) -> ErrorKind { pub unsafe fn ykpiv_disconnect(state: &mut YubiKey) -> Result<(), ErrorKind> {
if state.card != 0 { if state.card != 0 {
SCardDisconnect(state.card, 0x1); SCardDisconnect(state.card, 0x1);
state.card = 0i32; state.card = 0i32;
@@ -227,7 +227,7 @@ pub unsafe fn ykpiv_disconnect(state: &mut YubiKey) -> ErrorKind {
state.context = -1i32; state.context = -1i32;
} }
ErrorKind::Ok Ok(())
} }
/// Select application /// Select application
@@ -320,10 +320,14 @@ pub(crate) unsafe fn _ykpiv_ensure_application_selected(
} }
/// Connect to the YubiKey /// Connect to the YubiKey
pub(crate) unsafe fn _ykpiv_connect(state: &mut YubiKey, context: usize, card: usize) -> ErrorKind { pub(crate) unsafe fn _ykpiv_connect(
state: &mut YubiKey,
context: usize,
card: usize,
) -> Result<(), ErrorKind> {
// if the context has changed, and the new context is not valid, return an error // if the context has changed, and the new context is not valid, return an error
if context != state.context as (usize) && (0x0i32 != SCardIsValidContext(context as (i32))) { if context != state.context as (usize) && (0x0i32 != SCardIsValidContext(context as (i32))) {
return ErrorKind::PcscError; return Err(ErrorKind::PcscError);
} }
// if card handle has changed, determine if handle is valid (less efficient, but complete) // if card handle has changed, determine if handle is valid (less efficient, but complete)
@@ -345,7 +349,7 @@ pub(crate) unsafe fn _ykpiv_connect(state: &mut YubiKey, context: usize, card: u
&mut atr_len, &mut atr_len,
) != 0 ) != 0
{ {
return ErrorKind::PcscError; return Err(ErrorKind::PcscError);
} }
state.is_neo = (atr_len as usize == YKPIV_ATR_NEO_R3.len() - 1) state.is_neo = (atr_len as usize == YKPIV_ATR_NEO_R3.len() - 1)
@@ -367,7 +371,7 @@ pub(crate) unsafe fn _ykpiv_connect(state: &mut YubiKey, context: usize, card: u
// The applet _is_ selected by ykpiv_connect(), but is not selected when bypassing // The applet _is_ selected by ykpiv_connect(), but is not selected when bypassing
// it with ykpiv_connect_with_external_card(). // it with ykpiv_connect_with_external_card().
ErrorKind::Ok Ok(())
} }
/// Connect to an external card /// Connect to an external card
@@ -375,7 +379,7 @@ pub unsafe fn ykpiv_connect_with_external_card(
state: &mut YubiKey, state: &mut YubiKey,
context: usize, context: usize,
card: usize, card: usize,
) -> ErrorKind { ) -> Result<(), ErrorKind> {
_ykpiv_connect(state, context, card) _ykpiv_connect(state, context, card)
} }
@@ -389,11 +393,8 @@ pub unsafe fn ykpiv_connect(state: &mut YubiKey, wanted: *const c_char) -> Resul
let mut reader_ptr: *mut c_char; let mut reader_ptr: *mut c_char;
let mut card: i32 = -1i32; let mut card: i32 = -1i32;
let ret: ErrorKind = ykpiv_list_readers(state, reader_buf.as_mut_ptr(), &mut num_readers); ykpiv_list_readers(state, reader_buf.as_mut_ptr(), &mut num_readers)?;
if ret != ErrorKind::Ok {
return Err(ret);
}
reader_ptr = reader_buf.as_mut_ptr(); reader_ptr = reader_buf.as_mut_ptr();
loop { loop {
if *reader_ptr == b'\0' as c_char { if *reader_ptr == b'\0' as c_char {
@@ -465,7 +466,7 @@ pub unsafe fn ykpiv_connect(state: &mut YubiKey, wanted: *const c_char) -> Resul
// at this point, card should not equal state->card, // at this point, card should not equal state->card,
// to allow _ykpiv_connect() to determine device type // to allow _ykpiv_connect() to determine device type
let res = _ykpiv_connect(state, state.context as (usize), card as (usize)); let res = _ykpiv_connect(state, state.context as (usize), card as (usize));
if res != ErrorKind::Ok { if res.is_err() {
_currentBlock = 19; _currentBlock = 19;
break; break;
} }
@@ -504,7 +505,7 @@ pub unsafe fn ykpiv_list_readers(
state: &mut YubiKey, state: &mut YubiKey,
readers: *mut c_char, readers: *mut c_char,
len: *mut usize, len: *mut usize,
) -> ErrorKind { ) -> Result<(), ErrorKind> {
let mut num_readers: u32 = 0u32; let mut num_readers: u32 = 0u32;
let mut rc: i32; let mut rc: i32;
@@ -515,7 +516,7 @@ pub unsafe fn ykpiv_list_readers(
if state.verbose != 0 { if state.verbose != 0 {
eprintln!("error: SCardEstablishContext failed, rc={}", rc); eprintln!("error: SCardEstablishContext failed, rc={}", rc);
} }
return ErrorKind::PcscError; return Err(ErrorKind::PcscError);
} }
} }
@@ -532,7 +533,7 @@ pub unsafe fn ykpiv_list_readers(
} }
SCardReleaseContext(state.context); SCardReleaseContext(state.context);
state.context = -1i32; state.context = -1i32;
return ErrorKind::PcscError; return Err(ErrorKind::PcscError);
} }
if num_readers as (usize) > *len { if num_readers as (usize) > *len {
@@ -550,11 +551,11 @@ pub unsafe fn ykpiv_list_readers(
SCardReleaseContext(state.context); SCardReleaseContext(state.context);
state.context = -1i32; state.context = -1i32;
return ErrorKind::PcscError; return Err(ErrorKind::PcscError);
} }
*len = num_readers as usize; *len = num_readers as usize;
ErrorKind::Ok Ok(())
} }
/// Reconnect to a YubiKey /// Reconnect to a YubiKey
@@ -1499,9 +1500,13 @@ pub unsafe fn ykpiv_get_serial(state: &mut YubiKey, p_serial: *mut u32) -> Resul
/// Cache PIN in memory /// Cache PIN in memory
// TODO(tarcieri): better security around the cached PIN // TODO(tarcieri): better security around the cached PIN
pub(crate) unsafe fn _cache_pin(state: &mut YubiKey, pin: *const c_char, len: usize) -> ErrorKind { pub(crate) unsafe fn _cache_pin(
state: &mut YubiKey,
pin: *const c_char,
len: usize,
) -> Result<(), ErrorKind> {
if !pin.is_null() && (state.pin as *const c_char == pin) { if !pin.is_null() && (state.pin as *const c_char == pin) {
return ErrorKind::Ok; return Ok(());
} }
if !state.pin.is_null() { if !state.pin.is_null() {
@@ -1518,14 +1523,14 @@ pub(crate) unsafe fn _cache_pin(state: &mut YubiKey, pin: *const c_char, len: us
state.pin = malloc(len + 1) as (*mut u8); state.pin = malloc(len + 1) as (*mut u8);
if state.pin.is_null() { if state.pin.is_null() {
return ErrorKind::MemoryError; return Err(ErrorKind::MemoryError);
} }
memcpy(state.pin as (*mut c_void), pin as (*const c_void), len); memcpy(state.pin as (*mut c_void), pin as (*const c_void), len);
*state.pin.add(len) = 0u8; *state.pin.add(len) = 0u8;
} }
ErrorKind::Ok Ok(())
} }
/// Verify device PIN /// Verify device PIN