This commit gets the Rust code to compile! 🎉
Additionally, it fixes all of the commented out code that was failing
translation from C due to the use of unions, namely around the APDU
messages.
It does a fair amount of reformatting around branches, with the net
result hopefully being something actually a bit closer to the C code,
and a straightforward list of `if` statements.
It also removes all of the remaining externs that aren't supposed to be
externs, replacing them with a more straightforward usage of the module
system.
Finally it fixes all errors and warnings (relating to e.g. usage of
uninitialized memory), in addition to most clippy lints! (some have
been explicitly disabled)
All that said, it still doesn't do anything: it needs to be wired up to
a PCSC library first before that will be possible. But hey, it compiles!
This commit contains a multitude of fixes and some initial translation
work so the first rustc pass compiles.
It removes `unsafe extern "C"` declarations, so now there are a number
of errors about invocations of unsafe functions that need to be
addressed. They should each be scoped to an `unsafe` block so as to aid
in an eventual safe translation.
Some of the functions are now using the module system rather than
`extern "C"` bindings, but the translation is not complete.
This either fixes or adds "FIXME" notes for any parts of the code that
corrode had trouble translating.
Namely there are a number of places members of the APDU struct(?) were
accessed which corrode failed to translate.
- Adds initial `Cargo.toml` (and `Cargo.lock` to `.gitignore`)
- Deletes `tool` (it seems hard to `corrode`)
- Moves `lib/tests` => `tests` (we should figure out how to translate them)
- Moves `lib` => `src` to match Rust conventions
- Renames `lib/ykpiv.rs` => `src/lib.rs` to match Rust conventions
- Adds copyright from `ykpiv.h` to the top of all `*.rs` files
Includes changes to the original C code needed for `corrode` to accept
the input.
There were a lot of problems with APDU fields. These need to be copied
into the translated Rust code and fixed up manually.
Code otherwise contains the raw `corrode` output.
valgrind --track-origins=true says:
==13529== Conditional jump or move depends on uninitialised value(s)
==13529== at 0x4AF92D1: PK11_MakeString (pk11slot.c:1073)
==13529== by 0x4AFA5AA: PK11_InitSlot (pk11slot.c:1456)
==13529== by 0x4AE315E: secmod_LoadPKCS11Module (pk11load.c:563)
==13529== by 0x4AEF68C: SECMOD_LoadModule (pk11pars.c:1838)
==13529== by 0x4AEF7C7: SECMOD_LoadModule (pk11pars.c:1874)
==13529== by 0x4ABCB6A: nss_InitModules (nssinit.c:464)
==13529== by 0x4ABCB6A: nss_Init (nssinit.c:689)
==13529== by 0x4ABD17C: NSS_Init (nssinit.c:824)
==13529== by 0x4059C0: main (pesign.c:354)
==13529== Uninitialised value was created by a stack allocation
==13529== at 0x484D175: C_Initialize (in /usr/lib64/libykcs11.so.1.5.0)
This is the result of a combination of two problems. In
ykcs11/utils.c:parse_readers(), the code does:
for (i = 0; i < len; i++)
if (readers[i] == '\0' && i != len - 1) {
But in ykcs11/ykcs11.c:C_Initialize(), the parts of readers[] that are
initialized are only the parts that have been populated; the rest of
the array is still just whatever value is on the stack. Additionally,
in lib/ykpiv.c:ykpiv_list_readers(), which populates the array, the
length is updated only in the case where the buffer is smaller than the
data, not when there is additional buffer but no data:
if (num_readers > *len) {
num_readers = (pcsc_word)*len;
}
The result is that if the amount of reader data is smaller than 2048
bytes, PK11_InitSlot() will try to find reader data in the rest of the
array, which has not been initialized.
This patch adds an initialization for the data to set it all '\0', and
also updates the length when there is excess buffer available.
Signed-off-by: Peter Jones <pjones@redhat.com>