diff --git a/cryptoki/src/context/general_purpose.rs b/cryptoki/src/context/general_purpose.rs index 0bf52a3a..89942226 100644 --- a/cryptoki/src/context/general_purpose.rs +++ b/cryptoki/src/context/general_purpose.rs @@ -7,6 +7,7 @@ use crate::error::{Result, Rv}; use cryptoki_sys::{CK_C_INITIALIZE_ARGS, CK_INFO}; use paste::paste; use std::convert::TryFrom; +use std::fmt::Display; // See public docs on stub in parent mod.rs #[inline(always)] @@ -18,7 +19,7 @@ pub(super) fn initialize(ctx: &mut Pkcs11, init_args: CInitializeArgs) -> Result Rv::from(get_pkcs11!(ctx, C_Initialize)( init_args_ptr as *mut CK_C_INITIALIZE_ARGS as *mut ::std::ffi::c_void, )) - .into_result() + .into_result(Function::Initialize) .map(|_| { ctx.initialized = true; }) @@ -30,7 +31,7 @@ pub(super) fn initialize(ctx: &mut Pkcs11, init_args: CInitializeArgs) -> Result pub(super) fn get_library_info(ctx: &Pkcs11) -> Result { let mut info = CK_INFO::default(); unsafe { - Rv::from(get_pkcs11!(ctx, C_GetInfo)(&mut info)).into_result()?; + Rv::from(get_pkcs11!(ctx, C_GetInfo)(&mut info)).into_result(Function::GetInfo)?; Info::try_from(info) } } 
@@ -120,6 +121,81 @@ pub enum Function { WaitForSlotEvent, } +impl Display for Function { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + match self { + Function::Initialize => write!(f, "Function::Initialize"), + Function::Finalize => write!(f, "Function::Finalize"), + Function::GetInfo => write!(f, "Function::GetInfo"), + Function::GetFunctionList => write!(f, "Function::GetFunctionList"), + Function::GetSlotList => write!(f, "Function::GetSlotList"), + Function::GetSlotInfo => write!(f, "Function::GetSlotInfo"), + Function::GetTokenInfo => write!(f, "Function::GetTokenInfo"), + Function::GetMechanismList => write!(f, "Function::GetMechanismList"), + Function::GetMechanismInfo => write!(f, "Function::GetMechanismInfo"), + Function::InitToken => write!(f, "Function::InitToken"), + Function::InitPIN => write!(f, "Function::InitPIN"), + Function::SetPIN => write!(f, "Function::SetPIN"), + Function::OpenSession => write!(f, "Function::OpenSession"), + Function::CloseSession => write!(f, "Function::CloseSession"), + Function::CloseAllSessions => write!(f, "Function::CloseAllSessions"), + Function::GetSessionInfo => write!(f, "Function::GetSessionInfo"), + Function::GetOperationState => write!(f, "Function::GetOperationState"), + Function::SetOperationState => write!(f, "Function::SetOperationState"), + Function::Login => write!(f, "Function::Login"), + Function::Logout => write!(f, "Function::Logout"), + Function::CreateObject => write!(f, "Function::CreateObject"), + Function::CopyObject => write!(f, "Function::CopyObject"), + Function::DestroyObject => write!(f, "Function::DestroyObject"), + Function::GetObjectSize => write!(f, "Function::GetObjectSize"), + Function::GetAttributeValue => write!(f, "Function::GetAttributeValue"), + Function::SetAttributeValue => write!(f, "Function::SetAttributeValue"), + Function::FindObjectsInit => write!(f, "Function::FindObjectsInit"), + Function::FindObjects => write!(f, "Function::FindObjects"), + 
Function::FindObjectsFinal => write!(f, "Function::FindObjectsFinal"), + Function::EncryptInit => write!(f, "Function::EncryptInit"), + Function::Encrypt => write!(f, "Function::Encrypt"), + Function::EncryptUpdate => write!(f, "Function::EncryptUpdate"), + Function::EncryptFinal => write!(f, "Function::EncryptFinal"), + Function::DecryptInit => write!(f, "Function::DecryptInit"), + Function::Decrypt => write!(f, "Function::Decrypt"), + Function::DecryptUpdate => write!(f, "Function::DecryptUpdate"), + Function::DecryptFinal => write!(f, "Function::DecryptFinal"), + Function::DigestInit => write!(f, "Function::DigestInit"), + Function::Digest => write!(f, "Function::Digest"), + Function::DigestUpdate => write!(f, "Function::DigestUpdate"), + Function::DigestKey => write!(f, "Function::DigestKey"), + Function::DigestFinal => write!(f, "Function::DigestFinal"), + Function::SignInit => write!(f, "Function::SignInit"), + Function::Sign => write!(f, "Function::Sign"), + Function::SignUpdate => write!(f, "Function::SignUpdate"), + Function::SignFinal => write!(f, "Function::SignFinal"), + Function::SignRecoverInit => write!(f, "Function::SignRecoverInit"), + Function::SignRecover => write!(f, "Function::SignRecover"), + Function::VerifyInit => write!(f, "Function::VerifyInit"), + Function::Verify => write!(f, "Function::Verify"), + Function::VerifyUpdate => write!(f, "Function::VerifyUpdate"), + Function::VerifyFinal => write!(f, "Function::VerifyFinal"), + Function::VerifyRecoverInit => write!(f, "Function::VerifyRecoverInit"), + Function::VerifyRecover => write!(f, "Function::VerifyRecover"), + Function::DigestEncryptUpdate => write!(f, "Function::DigestEncryptUpdate"), + Function::DecryptDigestUpdate => write!(f, "Function::DecryptDigestUpdate"), + Function::SignEncryptUpdate => write!(f, "Function::SignEncryptUpdate"), + Function::DecryptVerifyUpdate => write!(f, "Function::DecryptVerifyUpdate"), + Function::GenerateKey => write!(f, "Function::GenerateKey"), + 
Function::GenerateKeyPair => write!(f, "Function::GenerateKeyPair"), + Function::WrapKey => write!(f, "Function::WrapKey"), + Function::UnwrapKey => write!(f, "Function::UnwrapKey"), + Function::DeriveKey => write!(f, "Function::DeriveKey"), + Function::SeedRandom => write!(f, "Function::SeedRandom"), + Function::GenerateRandom => write!(f, "Function::GenerateRandom"), + Function::GetFunctionStatus => write!(f, "Function::GetFunctionStatus"), + Function::CancelFunction => write!(f, "Function::CancelFunction"), + Function::WaitForSlotEvent => write!(f, "Function::WaitForSlotEvent"), + } + } +} + #[inline(always)] pub(super) fn is_fn_supported(ctx: &Pkcs11, function: Function) -> bool { match function { diff --git a/cryptoki/src/context/mod.rs b/cryptoki/src/context/mod.rs index 5587a4fb..9111afdf 100644 --- a/cryptoki/src/context/mod.rs +++ b/cryptoki/src/context/mod.rs @@ -59,7 +59,7 @@ impl Pkcs11Impl { .ok_or(Error::NullFunctionPointer)?( ptr::null_mut() )) - .into_result() + .into_result(Function::Finalize) } } } @@ -90,7 +90,8 @@ impl Pkcs11 { cryptoki_sys::Pkcs11::new(filename.as_ref()).map_err(Error::LibraryLoading)?; let mut list = mem::MaybeUninit::uninit(); - Rv::from(pkcs11_lib.C_GetFunctionList(list.as_mut_ptr())).into_result()?; + Rv::from(pkcs11_lib.C_GetFunctionList(list.as_mut_ptr())) + .into_result(Function::GetFunctionList)?; let list_ptr = *list.as_ptr(); diff --git a/cryptoki/src/context/session_management.rs b/cryptoki/src/context/session_management.rs index d3d55bfc..27dc29c6 100644 --- a/cryptoki/src/context/session_management.rs +++ b/cryptoki/src/context/session_management.rs @@ -10,6 +10,8 @@ use crate::session::Session; use crate::slot::Slot; use std::convert::TryInto; +use super::Function; + impl Pkcs11 { #[inline(always)] fn open_session(&self, slot_id: Slot, read_write: bool) -> Result { 
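Review bot: The `Display` impl for `Function` in cryptoki/src/context/general_purpose.rs writes one hand-typed string per variant, so every variant added later needs a matching arm and a correctly spelled literal. If `Function` derives `Debug` (the derive line is above this hunk, so this is an assumption to confirm), the whole match can be replaced by `write!(f, "Function::{self:?}")` with the same output. That also removes the risk of a copy-paste mismatch between a variant and its printed name, which would matter once these strings appear in error logs.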
@@ -29,7 +31,7 @@ impl Pkcs11 { None, &mut session_handle, )) - .into_result()?; + .into_result(Function::OpenSession)?; } Ok(Session::new(session_handle, self.clone())) diff --git a/cryptoki/src/context/slot_token_management.rs b/cryptoki/src/context/slot_token_management.rs index 79c161b5..82359457 100644 --- a/cryptoki/src/context/slot_token_management.rs +++ b/cryptoki/src/context/slot_token_management.rs @@ -14,6 +14,8 @@ use std::convert::{TryFrom, TryInto}; use crate::error::RvError::BufferTooSmall; +use super::Function; + impl Pkcs11 { #[inline(always)] fn get_slots(&self, with_token: CK_BBOOL) -> Result> { @@ -21,7 +23,7 @@ impl Pkcs11 { let rval = unsafe { get_pkcs11!(self, C_GetSlotList)(with_token, std::ptr::null_mut(), &mut slot_count) }; - Rv::from(rval).into_result()?; + Rv::from(rval).into_result(Function::GetSlotList)?; let mut slots; loop { @@ -35,7 +37,7 @@ impl Pkcs11 { // and we want to loop again with a resized buffer. if !matches!(Rv::from(rval), Rv::Error(BufferTooSmall)) { // Account for other possible error types - Rv::from(rval).into_result()?; + Rv::from(rval).into_result(Function::GetSlotList)?; // Otherwise, we have a valid list to process break; } @@ -86,7 +88,7 @@ impl Pkcs11 { pin.expose_secret().len().try_into()?, label.as_ptr() as *mut u8, )) - .into_result() + .into_result(Function::InitToken) } } @@ -98,7 +100,7 @@ impl Pkcs11 { slot.try_into()?, &mut slot_info, )) - .into_result()?; + .into_result(Function::GetSlotInfo)?; Ok(SlotInfo::from(slot_info)) } } @@ -111,7 +113,7 @@ impl Pkcs11 { slot.try_into()?, &mut token_info, )) - .into_result()?; + .into_result(Function::GetTokenInfo)?; TokenInfo::try_from(token_info) } } @@ -126,7 +128,7 @@ impl Pkcs11 { std::ptr::null_mut(), &mut mechanism_count, )) - .into_result()?; + .into_result(Function::GetMechanismList)?; } let mut mechanisms = vec![0; mechanism_count.try_into()?]; 
@@ -137,7 +139,7 @@ impl Pkcs11 { mechanisms.as_mut_ptr(), &mut mechanism_count, )) - .into_result()?; + .into_result(Function::GetMechanismList)?; } // Truncate mechanisms if count decreased. @@ -158,7 +160,7 @@ impl Pkcs11 { type_.into(), &mut mechanism_info, )) - .into_result()?; + .into_result(Function::GetMechanismInfo)?; Ok(MechanismInfo::from(mechanism_info)) } } diff --git a/cryptoki/src/error/mod.rs b/cryptoki/src/error/mod.rs index 082b12e1..aaa34674 100644 --- a/cryptoki/src/error/mod.rs +++ b/cryptoki/src/error/mod.rs @@ -10,6 +10,8 @@ pub use rv_error::*; use std::fmt; +use crate::context::Function; + #[derive(Debug)] /// Main error type pub enum Error { @@ -18,7 +20,7 @@ pub enum Error { LibraryLoading(libloading::Error), /// All PKCS#11 functions that return non-zero translate to this error. - Pkcs11(RvError), + Pkcs11(RvError, Function), /// This error marks a feature that is not yet supported by the PKCS11 Rust abstraction layer. NotSupported, @@ -55,7 +57,7 @@ impl fmt::Display for Error { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { match self { Error::LibraryLoading(e) => write!(f, "libloading error ({e})"), - Error::Pkcs11(e) => write!(f, "PKCS11 error: {e}"), + Error::Pkcs11(e, funct) => write!(f, "{funct}: PKCS11 error: {e}"), Error::NotSupported => write!(f, "Feature not supported"), Error::TryFromInt(e) => write!(f, "Conversion between integers failed ({e})"), Error::TryFromSlice(e) => write!(f, "Error converting slice to array ({e})"), @@ -79,7 +81,7 @@ impl std::error::Error for Error { Error::ParseInt(e) => Some(e), Error::Utf8(e) => Some(e), Error::NulError(e) => Some(e), - Error::Pkcs11(_) + Error::Pkcs11(_, _) | Error::NotSupported | Error::NullFunctionPointer | Error::PinNotSet 
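Review bot: The doc comment on `Error::Pkcs11` in cryptoki/src/error/mod.rs still describes only the return-value half of the variant, so the new `Function` field is undocumented. A second doc line such as `/// The second field is the PKCS#11 function whose call returned the error.` would tell callers what they are matching on. The same gap exists in the `Rv::into_result` hunk of cryptoki/src/error/rv.rs, whose doc line does not mention the new `function` parameter. Because the variant is public, every downstream `Error::Pkcs11(e)` pattern stops compiling after this change, which deserves a changelog entry.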
@@ -131,11 +133,11 @@ impl From for Error { } } -impl From for Error { - fn from(rv_error: RvError) -> Self { - Error::Pkcs11(rv_error) - } -} +// impl From for Error { +// fn from(rv_error: RvError) -> Self { +// Error::Pkcs11(rv_error) +// } +// } /// Main Result type pub type Result = core::result::Result; diff --git a/cryptoki/src/error/rv.rs b/cryptoki/src/error/rv.rs index 660e1d30..32b74a5c 100644 --- a/cryptoki/src/error/rv.rs +++ b/cryptoki/src/error/rv.rs @@ -2,6 +2,8 @@ // SPDX-License-Identifier: Apache-2.0 //! Function types +use crate::context::Function; + use super::{Error, Result, RvError}; use cryptoki_sys::*; use log::error; @@ -128,10 +130,10 @@ impl From for Rv { impl Rv { /// Convert the return value into a standard Result type - pub fn into_result(self) -> Result<()> { + pub fn into_result(self, function: Function) -> Result<()> { match self { Rv::Ok => Ok(()), - Rv::Error(rv_error) => Err(Error::Pkcs11(rv_error)), + Rv::Error(rv_error) => Err(Error::Pkcs11(rv_error, function)), } } } diff --git a/cryptoki/src/session/decryption.rs b/cryptoki/src/session/decryption.rs index 5cd463bb..59745fd8 100644 --- a/cryptoki/src/session/decryption.rs +++ b/cryptoki/src/session/decryption.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Decrypting data +use crate::context::Function; use crate::error::{Result, Rv}; use crate::mechanism::Mechanism; use crate::object::ObjectHandle; @@ -26,7 +27,7 @@ impl Session { &mut mechanism as CK_MECHANISM_PTR, key.handle(), )) - .into_result()?; + .into_result(Function::DecryptInit)?; } // Get the output buffer length @@ -39,7 +40,7 @@ impl Session { std::ptr::null_mut(), &mut data_len, )) - .into_result()?; + .into_result(Function::Decrypt)?; } let mut data = vec![0; data_len.try_into()?]; @@ -52,7 +53,7 @@ impl Session { data.as_mut_ptr(), &mut data_len, )) - .into_result()?; + .into_result(Function::Decrypt)?; } data.resize(data_len.try_into()?, 0); 
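Review bot: The `From` impl that converted an `RvError` into `Error` in cryptoki/src/error/mod.rs is commented out rather than deleted, which leaves dead code in the file. Either remove the five commented lines or replace them with a single explanatory comment, for example `// No From<RvError>: Error::Pkcs11 also needs the calling Function; use Rv::into_result.` Dropping a public trait impl also breaks any caller that relied on `?` or `.into()` to convert an `RvError`, so the removal should be listed with the other breaking changes.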
diff --git a/cryptoki/src/session/digesting.rs b/cryptoki/src/session/digesting.rs index 32cbe06a..ba5e7617 100644 --- a/cryptoki/src/session/digesting.rs +++ b/cryptoki/src/session/digesting.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Digesting functions +use crate::context::Function; use crate::error::{Result, Rv}; use crate::mechanism::Mechanism; use crate::session::Session; @@ -19,7 +20,7 @@ impl Session { self.handle(), &mut mechanism as CK_MECHANISM_PTR, )) - .into_result()?; + .into_result(Function::DigestInit)?; } // Get the output buffer length @@ -31,7 +32,7 @@ impl Session { std::ptr::null_mut(), &mut digest_len, )) - .into_result()?; + .into_result(Function::Digest)?; } let mut digest = vec![0; digest_len.try_into()?]; @@ -44,7 +45,7 @@ impl Session { digest.as_mut_ptr(), &mut digest_len, )) - .into_result()?; + .into_result(Function::Digest)?; } digest.resize(digest_len.try_into()?, 0); diff --git a/cryptoki/src/session/encryption.rs b/cryptoki/src/session/encryption.rs index 0caa1f3c..24e56ed4 100644 --- a/cryptoki/src/session/encryption.rs +++ b/cryptoki/src/session/encryption.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Encrypting data +use crate::context::Function; use crate::error::{Result, Rv}; use crate::mechanism::Mechanism; use crate::object::ObjectHandle; @@ -26,7 +27,7 @@ impl Session { &mut mechanism as CK_MECHANISM_PTR, key.handle(), )) - .into_result()?; + .into_result(Function::EncryptInit)?; } // Get the output buffer length @@ -38,7 +39,7 @@ impl Session { std::ptr::null_mut(), &mut encrypted_data_len, )) - .into_result()?; + .into_result(Function::Encrypt)?; } let mut encrypted_data = vec![0; encrypted_data_len.try_into()?]; @@ -51,7 +52,7 @@ impl Session { encrypted_data.as_mut_ptr(), &mut encrypted_data_len, )) - .into_result()?; + .into_result(Function::Encrypt)?; } encrypted_data.resize(encrypted_data_len.try_into()?, 0); 
diff --git a/cryptoki/src/session/key_management.rs b/cryptoki/src/session/key_management.rs index 7755e205..0d5dfd13 100644 --- a/cryptoki/src/session/key_management.rs +++ b/cryptoki/src/session/key_management.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Key management functions +use crate::context::Function; use crate::error::{Result, Rv}; use crate::mechanism::Mechanism; use crate::object::{Attribute, ObjectHandle}; @@ -27,7 +28,7 @@ impl Session { template.len().try_into()?, &mut handle, )) - .into_result()?; + .into_result(Function::GenerateKey)?; } Ok(ObjectHandle::new(handle)) @@ -58,7 +59,7 @@ impl Session { &mut pub_handle, &mut priv_handle, )) - .into_result()?; + .into_result(Function::GenerateKeyPair)?; } Ok(( @@ -86,7 +87,7 @@ impl Session { template.len().try_into()?, &mut handle, )) - .into_result()?; + .into_result(Function::DeriveKey)?; } Ok(ObjectHandle::new(handle)) @@ -111,7 +112,7 @@ impl Session { std::ptr::null_mut(), &mut wrapped_key_len, )) - .into_result()?; + .into_result(Function::WrapKey)?; let mut wrapped_key = vec![0; wrapped_key_len.try_into()?]; @@ -123,7 +124,7 @@ impl Session { wrapped_key.as_mut_ptr(), &mut wrapped_key_len, )) - .into_result()?; + .into_result(Function::WrapKey)?; Ok(wrapped_key) } @@ -151,7 +152,7 @@ impl Session { template.len().try_into()?, &mut handle, )) - .into_result()?; + .into_result(Function::UnwrapKey)?; } Ok(ObjectHandle::new(handle)) diff --git a/cryptoki/src/session/object_management.rs b/cryptoki/src/session/object_management.rs index 56370fe0..dae2b611 100644 --- a/cryptoki/src/session/object_management.rs +++ b/cryptoki/src/session/object_management.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Object management functions +use crate::context::Function; use crate::error::{Result, Rv, RvError}; use crate::object::{Attribute, AttributeInfo, AttributeType, ObjectHandle}; use crate::session::Session; 
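Review bot: In the second `C_WrapKey` hunk of cryptoki/src/session/key_management.rs the function returns `Ok(wrapped_key)` directly after the call. The vector therefore keeps the size reported by the length query even if the second call stored a smaller value in `wrapped_key_len`. The Decrypt, Digest, Encrypt and Sign paths in this same diff all truncate with `resize` after their second call; the wrap path should do likewise with `wrapped_key.resize(wrapped_key_len.try_into()?, 0);` before returning. This predates the commit and the function body starts outside the hunk, but a wrapped key carrying trailing zero bytes is likely to be rejected or misread when it is later unwrapped.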
@@ -23,7 +24,7 @@ impl Session { template.as_mut_ptr(), template.len().try_into()?, )) - .into_result()?; + .into_result(Function::FindObjectsInit)?; } let mut object_handles = [0; MAX_OBJECT_COUNT]; @@ -37,7 +38,7 @@ impl Session { MAX_OBJECT_COUNT.try_into()?, &mut object_count, )) - .into_result()?; + .into_result(Function::FindObjects)?; } while object_count > 0 { @@ -50,7 +51,7 @@ impl Session { MAX_OBJECT_COUNT.try_into()?, &mut object_count, )) - .into_result()?; + .into_result(Function::FindObjects)?; } } @@ -58,7 +59,7 @@ impl Session { Rv::from(get_pkcs11!(self.client(), C_FindObjectsFinal)( self.handle(), )) - .into_result()?; + .into_result(Function::FindObjectsFinal)?; } let objects = objects.into_iter().map(ObjectHandle::new).collect(); @@ -78,7 +79,7 @@ impl Session { template.len().try_into()?, &mut object_handle as CK_OBJECT_HANDLE_PTR, )) - .into_result()?; + .into_result(Function::CreateObject)?; } Ok(ObjectHandle::new(object_handle)) @@ -91,7 +92,7 @@ impl Session { self.handle(), object.handle(), )) - .into_result() + .into_result(Function::DestroyObject) } } @@ -181,7 +182,7 @@ impl Session { Rv::Error(RvError::AttributeTypeInvalid) => { results.push(AttributeInfo::TypeInvalid) } - rv => rv.into_result()?, + rv => rv.into_result(Function::GetAttributeValue)?, } } Ok(results) @@ -257,7 +258,7 @@ impl Session { template.as_mut_ptr(), template.len().try_into()?, )) - .into_result()?; + .into_result(Function::GetAttributeValue)?; } // Convert from CK_ATTRIBUTE to Attribute @@ -275,7 +276,7 @@ impl Session { template.as_mut_ptr(), template.len().try_into()?, )) - .into_result()?; + .into_result(Function::SetAttributeValue)?; } Ok(()) diff --git a/cryptoki/src/session/random.rs b/cryptoki/src/session/random.rs index 11db44ee..6dae5dc3 100644 --- a/cryptoki/src/session/random.rs +++ b/cryptoki/src/session/random.rs 
@@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Functions used to generate random numbers +use crate::context::Function; use crate::error::{Result, Rv}; use crate::session::Session; use std::convert::TryInto; @@ -20,7 +21,7 @@ impl Session { random_data.as_ptr() as *mut u8, random_data.len().try_into()?, )) - .into_result()?; + .into_result(Function::GenerateRandom)?; } Ok(()) } @@ -35,7 +36,7 @@ impl Session { result.as_mut_ptr() as *mut u8, random_len.try_into()?, )) - .into_result()?; + .into_result(Function::GenerateRandom)?; } Ok(result) } @@ -48,7 +49,7 @@ impl Session { seed.as_ptr() as *mut u8, seed.len().try_into()?, )) - .into_result()?; + .into_result(Function::SeedRandom)?; } Ok(()) } diff --git a/cryptoki/src/session/session_management.rs b/cryptoki/src/session/session_management.rs index 0cbee9e8..4c7a5b67 100644 --- a/cryptoki/src/session/session_management.rs +++ b/cryptoki/src/session/session_management.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Session management functions +use crate::context::Function; use crate::error::{Result, Rv}; use crate::session::{Session, SessionInfo, UserType}; use crate::types::{AuthPin, RawAuthPin}; @@ -21,7 +22,7 @@ impl Drop for Session { Rv::from(get_pkcs11!(session.client(), C_CloseSession)( session.handle(), )) - .into_result() + .into_result(Function::CloseSession) } } @@ -56,7 +57,7 @@ impl Session { pin, pin_len.try_into()?, )) - .into_result() + .into_result(Function::Login) } } @@ -80,13 +81,16 @@ impl Session { pin.expose_secret().as_ptr() as *mut u8, pin.expose_secret().len().try_into()?, )) - .into_result() + .into_result(Function::Login) } } /// Log a session out pub fn logout(&self) -> Result<()> { - unsafe { Rv::from(get_pkcs11!(self.client(), C_Logout)(self.handle())).into_result() } + unsafe { + Rv::from(get_pkcs11!(self.client(), C_Logout)(self.handle())) + .into_result(Function::Logout) + } } /// Returns the information about a session 
@@ -97,7 +101,7 @@ impl Session { self.handle(), &mut session_info, )) - .into_result()?; + .into_result(Function::GetSessionInfo)?; SessionInfo::try_from(session_info) } } diff --git a/cryptoki/src/session/signing_macing.rs b/cryptoki/src/session/signing_macing.rs index d100c72b..a3fd6f6d 100644 --- a/cryptoki/src/session/signing_macing.rs +++ b/cryptoki/src/session/signing_macing.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Signing and authentication functions +use crate::context::Function; use crate::error::{Result, Rv}; use crate::mechanism::Mechanism; use crate::object::ObjectHandle; @@ -21,7 +22,7 @@ impl Session { &mut mechanism as CK_MECHANISM_PTR, key.handle(), )) - .into_result()?; + .into_result(Function::SignInit)?; } // Get the output buffer length @@ -33,7 +34,7 @@ impl Session { std::ptr::null_mut(), &mut signature_len, )) - .into_result()?; + .into_result(Function::Sign)?; } let mut signature = vec![0; signature_len.try_into()?]; @@ -47,7 +48,7 @@ impl Session { signature.as_mut_ptr(), &mut signature_len, )) - .into_result()?; + .into_result(Function::Sign)?; } signature.resize(signature_len.try_into()?, 0); @@ -71,7 +72,7 @@ impl Session { &mut mechanism as CK_MECHANISM_PTR, key.handle(), )) - .into_result()?; + .into_result(Function::VerifyInit)?; } unsafe { @@ -82,7 +83,7 @@ impl Session { signature.as_ptr() as *mut u8, signature.len().try_into()?, )) - .into_result() + .into_result(Function::Verify) } } } diff --git a/cryptoki/src/session/slot_token_management.rs b/cryptoki/src/session/slot_token_management.rs index cfa6e973..4dde294b 100644 --- a/cryptoki/src/session/slot_token_management.rs +++ b/cryptoki/src/session/slot_token_management.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Slot and token management functions +use crate::context::Function; use crate::error::{Result, Rv}; use crate::session::Session; use crate::types::AuthPin; 
@@ -17,7 +18,7 @@ impl Session { pin.expose_secret().as_ptr() as *mut u8, pin.expose_secret().len().try_into()?, )) - .into_result() + .into_result(Function::InitPIN) } } @@ -32,7 +33,7 @@ impl Session { new_pin.expose_secret().as_ptr() as *mut u8, new_pin.expose_secret().len().try_into()?, )) - .into_result() + .into_result(Function::SetPIN) } } } diff --git a/cryptoki/tests/basic.rs b/cryptoki/tests/basic.rs index 6a0fb197..6d552770 100644 --- a/cryptoki/tests/basic.rs +++ b/cryptoki/tests/basic.rs @@ -4,6 +4,7 @@ mod common; use crate::common::{SO_PIN, USER_PIN}; use common::init_pins; +use cryptoki::context::Function; use cryptoki::error::{Error, RvError}; use cryptoki::mechanism::aead::GcmParams; use cryptoki::mechanism::Mechanism; 
@@ -404,27 +405,27 @@ fn login_feast() { threads.push(thread::spawn(move || { let session = pkcs11.open_rw_session(slot).unwrap(); match session.login(UserType::User, Some(&AuthPin::new(USER_PIN.into()))) { - Ok(_) | Err(Error::Pkcs11(RvError::UserAlreadyLoggedIn)) => {} + Ok(_) | Err(Error::Pkcs11(RvError::UserAlreadyLoggedIn, Function::Login)) => {} Err(e) => panic!("Bad error response: {}", e), } match session.login(UserType::User, Some(&AuthPin::new(USER_PIN.into()))) { - Ok(_) | Err(Error::Pkcs11(RvError::UserAlreadyLoggedIn)) => {} + Ok(_) | Err(Error::Pkcs11(RvError::UserAlreadyLoggedIn, Function::Login)) => {} Err(e) => panic!("Bad error response: {}", e), } match session.login(UserType::User, Some(&AuthPin::new(USER_PIN.into()))) { - Ok(_) | Err(Error::Pkcs11(RvError::UserAlreadyLoggedIn)) => {} + Ok(_) | Err(Error::Pkcs11(RvError::UserAlreadyLoggedIn, Function::Login)) => {} Err(e) => panic!("Bad error response: {}", e), } match session.logout() { - Ok(_) | Err(Error::Pkcs11(RvError::UserNotLoggedIn)) => {} + Ok(_) | Err(Error::Pkcs11(RvError::UserNotLoggedIn, Function::Logout)) => {} Err(e) => panic!("Bad error response: {}", e), } match session.logout() { - Ok(_) | Err(Error::Pkcs11(RvError::UserNotLoggedIn)) => {} + Ok(_) | Err(Error::Pkcs11(RvError::UserNotLoggedIn, Function::Logout)) => {} Err(e) => panic!("Bad error response: {}", e), } match session.logout() { - Ok(_) | Err(Error::Pkcs11(RvError::UserNotLoggedIn)) => {} + Ok(_) | Err(Error::Pkcs11(RvError::UserNotLoggedIn, Function::Logout)) => {} Err(e) => panic!("Bad error response: {}", e), } })); 
@@ -479,7 +480,7 @@ fn get_session_info_test() -> TestResult { assert_eq!(session_info.slot_id(), slot); assert!(matches!(session_info.session_state(), SessionState::RoUser)); session.logout()?; - if let Err(cryptoki::error::Error::Pkcs11(rv_error)) = + if let Err(cryptoki::error::Error::Pkcs11(rv_error, _)) = session.login(UserType::So, Some(&AuthPin::new(SO_PIN.into()))) { assert_eq!(rv_error, RvError::SessionReadOnlyExists) @@ -783,7 +784,7 @@ fn ro_rw_session_test() -> TestResult { // This should NOT work using the Read-Only session let e = ro_session.create_object(&template).unwrap_err(); - if let Error::Pkcs11(RvError::SessionReadOnly) = e { + if let Error::Pkcs11(RvError::SessionReadOnly, _f) = e { // as expected } else { panic!("Got wrong error code (expecting SessionReadOnly): {}", e);
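Review bot: Both updated patterns in cryptoki/tests/basic.rs discard the new field (`Pkcs11(rv_error, _)` in get_session_info_test and `Pkcs11(RvError::SessionReadOnly, _f)` in ro_rw_session_test). Nothing in these tests therefore checks that the correct function is attached to the error. Matching the concrete value, `Pkcs11(rv_error, Function::Login)` and `Error::Pkcs11(RvError::SessionReadOnly, Function::CreateObject)`, would pin the new behaviour the way login_feast already does. The `Function` import added at the top of the file covers both. Both test bodies extend beyond their hunks.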