From 77d046ac576f36eafa6fc9ba077a591bc9112b2d Mon Sep 17 00:00:00 2001 From: Ionut Mihalcea Date: Sun, 4 Jun 2023 12:46:55 +0100 Subject: [PATCH] Add function name to errors and logs Adding the name of the function that lead to a backend error to the log messages it generates and to the error returned to the client. Signed-off-by: Ionut Mihalcea --- cryptoki/src/context/general_purpose.rs | 11 ++++++-- cryptoki/src/context/mod.rs | 5 ++-- cryptoki/src/context/session_management.rs | 4 ++- cryptoki/src/context/slot_token_management.rs | 22 ++++++++-------- cryptoki/src/error/mod.rs | 14 ++++------- cryptoki/src/error/rv.rs | 6 +++-- cryptoki/src/session/decryption.rs | 7 +++--- cryptoki/src/session/digesting.rs | 7 +++--- cryptoki/src/session/encryption.rs | 7 +++--- cryptoki/src/session/key_management.rs | 13 +++++----- cryptoki/src/session/object_management.rs | 19 +++++++------- cryptoki/src/session/random.rs | 7 +++--- cryptoki/src/session/session_management.rs | 14 +++++++---- cryptoki/src/session/signing_macing.rs | 11 ++++---- cryptoki/src/session/slot_token_management.rs | 5 ++-- cryptoki/tests/basic.rs | 25 ++++++++++++------- 16 files changed, 103 insertions(+), 74 deletions(-) diff --git a/cryptoki/src/context/general_purpose.rs b/cryptoki/src/context/general_purpose.rs index 884b9a88..1fa44e24 100644 --- a/cryptoki/src/context/general_purpose.rs +++ b/cryptoki/src/context/general_purpose.rs @@ -7,6 +7,7 @@ use crate::error::{Result, Rv}; use cryptoki_sys::{CK_C_INITIALIZE_ARGS, CK_INFO}; use paste::paste; use std::convert::TryFrom; +use std::fmt::Display; // See public docs on stub in parent mod.rs #[inline(always)] @@ -18,7 +19,7 @@ pub(super) fn initialize(ctx: &Pkcs11, init_args: CInitializeArgs) -> Result<()> Rv::from(get_pkcs11!(ctx, C_Initialize)( init_args_ptr as *mut CK_C_INITIALIZE_ARGS as *mut ::std::ffi::c_void, )) - .into_result() + .into_result(Function::Initialize) } } @@ -27,7 +28,7 @@ pub(super) fn initialize(ctx: &Pkcs11, init_args: CInitializeArgs) -> Result<()> pub(super) fn get_library_info(ctx: &Pkcs11) -> Result { let mut info = CK_INFO::default(); unsafe { - Rv::from(get_pkcs11!(ctx, C_GetInfo)(&mut info)).into_result()?; + Rv::from(get_pkcs11!(ctx, C_GetInfo)(&mut info)).into_result(Function::GetInfo)?; Info::try_from(info) } } @@ -117,6 +118,12 @@ pub enum Function { WaitForSlotEvent, } +impl Display for Function { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + write!(f, "Function::{:?}", self) + } +} + #[inline(always)] pub(super) fn is_fn_supported(ctx: &Pkcs11, function: Function) -> bool { match function { diff --git a/cryptoki/src/context/mod.rs b/cryptoki/src/context/mod.rs index 8ad0bfd4..160b9cbe 100644 --- a/cryptoki/src/context/mod.rs +++ b/cryptoki/src/context/mod.rs @@ -60,7 +60,7 @@ impl Pkcs11Impl { .ok_or(Error::NullFunctionPointer)?( ptr::null_mut() )) - .into_result() + .into_result(Function::Finalize) } } } @@ -91,7 +91,8 @@ impl Pkcs11 { cryptoki_sys::Pkcs11::new(filename.as_ref()).map_err(Error::LibraryLoading)?; let mut list = mem::MaybeUninit::uninit(); - Rv::from(pkcs11_lib.C_GetFunctionList(list.as_mut_ptr())).into_result()?; + Rv::from(pkcs11_lib.C_GetFunctionList(list.as_mut_ptr())) + .into_result(Function::GetFunctionList)?; let list_ptr = *list.as_ptr(); diff --git a/cryptoki/src/context/session_management.rs b/cryptoki/src/context/session_management.rs index d3d55bfc..27dc29c6 100644 --- a/cryptoki/src/context/session_management.rs +++ b/cryptoki/src/context/session_management.rs @@ -10,6 +10,8 @@ use crate::session::Session; use crate::slot::Slot; use std::convert::TryInto; +use super::Function; + impl Pkcs11 { #[inline(always)] fn open_session(&self, slot_id: Slot, read_write: bool) -> Result { @@ -29,7 +31,7 @@ impl Pkcs11 { None, &mut session_handle, )) - .into_result()?; + .into_result(Function::OpenSession)?; } Ok(Session::new(session_handle, self.clone())) diff --git a/cryptoki/src/context/slot_token_management.rs b/cryptoki/src/context/slot_token_management.rs index 0c35873c..76647587 100644 --- a/cryptoki/src/context/slot_token_management.rs +++ b/cryptoki/src/context/slot_token_management.rs @@ -20,6 +20,8 @@ use std::convert::{TryFrom, TryInto}; use crate::error::RvError::BufferTooSmall; +use super::Function; + impl Pkcs11 { #[inline(always)] fn get_slots(&self, with_token: CK_BBOOL) -> Result> { @@ -27,7 +29,7 @@ impl Pkcs11 { let rval = unsafe { get_pkcs11!(self, C_GetSlotList)(with_token, std::ptr::null_mut(), &mut slot_count) }; - Rv::from(rval).into_result()?; + Rv::from(rval).into_result(Function::GetSlotList)?; let mut slots; loop { @@ -41,7 +43,7 @@ impl Pkcs11 { // and we want to loop again with a resized buffer. if !matches!(Rv::from(rval), Rv::Error(BufferTooSmall)) { // Account for other possible error types - Rv::from(rval).into_result()?; + Rv::from(rval).into_result(Function::GetSlotList)?; // Otherwise, we have a valid list to process break; } @@ -92,7 +94,7 @@ impl Pkcs11 { pin.expose_secret().len().try_into()?, label.as_ptr() as *mut u8, )) - .into_result() + .into_result(Function::InitToken) } } @@ -104,7 +106,7 @@ impl Pkcs11 { slot.try_into()?, &mut slot_info, )) - .into_result()?; + .into_result(Function::GetSlotInfo)?; Ok(SlotInfo::from(slot_info)) } } @@ -117,7 +119,7 @@ impl Pkcs11 { slot.try_into()?, &mut token_info, )) - .into_result()?; + .into_result(Function::GetTokenInfo)?; TokenInfo::try_from(token_info) } } @@ -132,7 +134,7 @@ impl Pkcs11 { std::ptr::null_mut(), &mut mechanism_count, )) - .into_result()?; + .into_result(Function::GetMechanismList)?; } let mut mechanisms = vec![0; mechanism_count.try_into()?]; @@ -143,7 +145,7 @@ impl Pkcs11 { mechanisms.as_mut_ptr(), &mut mechanism_count, )) - .into_result()?; + .into_result(Function::GetMechanismList)?; } // Truncate mechanisms if count decreased. @@ -164,7 +166,7 @@ impl Pkcs11 { type_.into(), &mut mechanism_info, )) - .into_result()?; + .into_result(Function::GetMechanismInfo)?; Ok(MechanismInfo::from(mechanism_info)) } } @@ -174,7 +176,7 @@ impl Pkcs11 { let mut slot: CK_SLOT_ID = 0; let wait_for_slot_event = get_pkcs11!(self, C_WaitForSlotEvent); let rv = wait_for_slot_event(flags, &mut slot, std::ptr::null_mut()); - Rv::from(rv).into_result()?; + Rv::from(rv).into_result(Function::WaitForSlotEvent)?; Ok(Slot::new(slot)) } } @@ -187,7 +189,7 @@ impl Pkcs11 { /// Get the latest slot event (insertion or removal of a token) pub fn get_slot_event(&self) -> Result> { match self.wait_for_slot_event_impl(CKF_DONT_BLOCK) { - Err(Error::Pkcs11(RvError::NoEvent)) => Ok(None), + Err(Error::Pkcs11(RvError::NoEvent, Function::WaitForSlotEvent)) => Ok(None), Ok(slot) => Ok(Some(slot)), Err(x) => Err(x), } diff --git a/cryptoki/src/error/mod.rs b/cryptoki/src/error/mod.rs index 082b12e1..be2c647d 100644 --- a/cryptoki/src/error/mod.rs +++ b/cryptoki/src/error/mod.rs @@ -10,6 +10,8 @@ pub use rv_error::*; use std::fmt; +use crate::context::Function; + #[derive(Debug)] /// Main error type pub enum Error { @@ -18,7 +20,7 @@ pub enum Error { LibraryLoading(libloading::Error), /// All PKCS#11 functions that return non-zero translate to this error. - Pkcs11(RvError), + Pkcs11(RvError, Function), /// This error marks a feature that is not yet supported by the PKCS11 Rust abstraction layer. NotSupported, @@ -55,7 +57,7 @@ impl fmt::Display for Error { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { match self { Error::LibraryLoading(e) => write!(f, "libloading error ({e})"), - Error::Pkcs11(e) => write!(f, "PKCS11 error: {e}"), + Error::Pkcs11(e, funct) => write!(f, "{funct}: PKCS11 error: {e}"), Error::NotSupported => write!(f, "Feature not supported"), Error::TryFromInt(e) => write!(f, "Conversion between integers failed ({e})"), Error::TryFromSlice(e) => write!(f, "Error converting slice to array ({e})"), @@ -79,7 +81,7 @@ impl std::error::Error for Error { Error::ParseInt(e) => Some(e), Error::Utf8(e) => Some(e), Error::NulError(e) => Some(e), - Error::Pkcs11(_) + Error::Pkcs11(_, _) | Error::NotSupported | Error::NullFunctionPointer | Error::PinNotSet @@ -131,11 +133,5 @@ impl From for Error { } } -impl From for Error { - fn from(rv_error: RvError) -> Self { - Error::Pkcs11(rv_error) - } -} - /// Main Result type pub type Result = core::result::Result; diff --git a/cryptoki/src/error/rv.rs b/cryptoki/src/error/rv.rs index 660e1d30..32b74a5c 100644 --- a/cryptoki/src/error/rv.rs +++ b/cryptoki/src/error/rv.rs @@ -2,6 +2,8 @@ // SPDX-License-Identifier: Apache-2.0 //! Function types +use crate::context::Function; + use super::{Error, Result, RvError}; use cryptoki_sys::*; use log::error; @@ -128,10 +130,10 @@ impl From for Rv { impl Rv { /// Convert the return value into a standard Result type - pub fn into_result(self) -> Result<()> { + pub fn into_result(self, function: Function) -> Result<()> { match self { Rv::Ok => Ok(()), - Rv::Error(rv_error) => Err(Error::Pkcs11(rv_error)), + Rv::Error(rv_error) => Err(Error::Pkcs11(rv_error, function)), } } } diff --git a/cryptoki/src/session/decryption.rs b/cryptoki/src/session/decryption.rs index 5cd463bb..59745fd8 100644 --- a/cryptoki/src/session/decryption.rs +++ b/cryptoki/src/session/decryption.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Decrypting data +use crate::context::Function; use crate::error::{Result, Rv}; use crate::mechanism::Mechanism; use crate::object::ObjectHandle; @@ -26,7 +27,7 @@ impl Session { &mut mechanism as CK_MECHANISM_PTR, key.handle(), )) - .into_result()?; + .into_result(Function::DecryptInit)?; } // Get the output buffer length @@ -39,7 +40,7 @@ impl Session { std::ptr::null_mut(), &mut data_len, )) - .into_result()?; + .into_result(Function::Decrypt)?; } let mut data = vec![0; data_len.try_into()?]; @@ -52,7 +53,7 @@ impl Session { data.as_mut_ptr(), &mut data_len, )) - .into_result()?; + .into_result(Function::Decrypt)?; } data.resize(data_len.try_into()?, 0); diff --git a/cryptoki/src/session/digesting.rs b/cryptoki/src/session/digesting.rs index 32cbe06a..ba5e7617 100644 --- a/cryptoki/src/session/digesting.rs +++ b/cryptoki/src/session/digesting.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Digesting functions +use crate::context::Function; use crate::error::{Result, Rv}; use crate::mechanism::Mechanism; use crate::session::Session; @@ -19,7 +20,7 @@ impl Session { self.handle(), &mut mechanism as CK_MECHANISM_PTR, )) - .into_result()?; + .into_result(Function::DigestInit)?; } // Get the output buffer length @@ -31,7 +32,7 @@ impl Session { std::ptr::null_mut(), &mut digest_len, )) - .into_result()?; + .into_result(Function::Digest)?; } let mut digest = vec![0; digest_len.try_into()?]; @@ -44,7 +45,7 @@ impl Session { digest.as_mut_ptr(), &mut digest_len, )) - .into_result()?; + .into_result(Function::Digest)?; } digest.resize(digest_len.try_into()?, 0); diff --git a/cryptoki/src/session/encryption.rs b/cryptoki/src/session/encryption.rs index 0caa1f3c..24e56ed4 100644 --- a/cryptoki/src/session/encryption.rs +++ b/cryptoki/src/session/encryption.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Encrypting data +use crate::context::Function; use crate::error::{Result, Rv}; use crate::mechanism::Mechanism; use crate::object::ObjectHandle; @@ -26,7 +27,7 @@ impl Session { &mut mechanism as CK_MECHANISM_PTR, key.handle(), )) - .into_result()?; + .into_result(Function::EncryptInit)?; } // Get the output buffer length @@ -38,7 +39,7 @@ impl Session { std::ptr::null_mut(), &mut encrypted_data_len, )) - .into_result()?; + .into_result(Function::Encrypt)?; } let mut encrypted_data = vec![0; encrypted_data_len.try_into()?]; @@ -51,7 +52,7 @@ impl Session { encrypted_data.as_mut_ptr(), &mut encrypted_data_len, )) - .into_result()?; + .into_result(Function::Encrypt)?; } encrypted_data.resize(encrypted_data_len.try_into()?, 0); diff --git a/cryptoki/src/session/key_management.rs b/cryptoki/src/session/key_management.rs index 7755e205..0d5dfd13 100644 --- a/cryptoki/src/session/key_management.rs +++ b/cryptoki/src/session/key_management.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Key management functions +use crate::context::Function; use crate::error::{Result, Rv}; use crate::mechanism::Mechanism; use crate::object::{Attribute, ObjectHandle}; @@ -27,7 +28,7 @@ impl Session { template.len().try_into()?, &mut handle, )) - .into_result()?; + .into_result(Function::GenerateKey)?; } Ok(ObjectHandle::new(handle)) @@ -58,7 +59,7 @@ impl Session { &mut pub_handle, &mut priv_handle, )) - .into_result()?; + .into_result(Function::GenerateKeyPair)?; } Ok(( @@ -86,7 +87,7 @@ impl Session { template.len().try_into()?, &mut handle, )) - .into_result()?; + .into_result(Function::DeriveKey)?; } Ok(ObjectHandle::new(handle)) @@ -111,7 +112,7 @@ impl Session { std::ptr::null_mut(), &mut wrapped_key_len, )) - .into_result()?; + .into_result(Function::WrapKey)?; let mut wrapped_key = vec![0; wrapped_key_len.try_into()?]; @@ -123,7 +124,7 @@ impl Session { wrapped_key.as_mut_ptr(), &mut wrapped_key_len, )) - .into_result()?; + .into_result(Function::WrapKey)?; Ok(wrapped_key) } @@ -151,7 +152,7 @@ impl Session { template.len().try_into()?, &mut handle, )) - .into_result()?; + .into_result(Function::UnwrapKey)?; } Ok(ObjectHandle::new(handle)) diff --git a/cryptoki/src/session/object_management.rs b/cryptoki/src/session/object_management.rs index 56370fe0..dae2b611 100644 --- a/cryptoki/src/session/object_management.rs +++ b/cryptoki/src/session/object_management.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Object management functions +use crate::context::Function; use crate::error::{Result, Rv, RvError}; use crate::object::{Attribute, AttributeInfo, AttributeType, ObjectHandle}; use crate::session::Session; @@ -23,7 +24,7 @@ impl Session { template.as_mut_ptr(), template.len().try_into()?, )) - .into_result()?; + .into_result(Function::FindObjectsInit)?; } let mut object_handles = [0; MAX_OBJECT_COUNT]; @@ -37,7 +38,7 @@ impl Session { MAX_OBJECT_COUNT.try_into()?, &mut object_count, )) - .into_result()?; + .into_result(Function::FindObjects)?; } while object_count > 0 { @@ -50,7 +51,7 @@ impl Session { MAX_OBJECT_COUNT.try_into()?, &mut object_count, )) - .into_result()?; + .into_result(Function::FindObjects)?; } } @@ -58,7 +59,7 @@ impl Session { Rv::from(get_pkcs11!(self.client(), C_FindObjectsFinal)( self.handle(), )) - .into_result()?; + .into_result(Function::FindObjectsFinal)?; } let objects = objects.into_iter().map(ObjectHandle::new).collect(); @@ -78,7 +79,7 @@ impl Session { template.len().try_into()?, &mut object_handle as CK_OBJECT_HANDLE_PTR, )) - .into_result()?; + .into_result(Function::CreateObject)?; } Ok(ObjectHandle::new(object_handle)) @@ -91,7 +92,7 @@ impl Session { self.handle(), object.handle(), )) - .into_result() + .into_result(Function::DestroyObject) } } @@ -181,7 +182,7 @@ impl Session { Rv::Error(RvError::AttributeTypeInvalid) => { results.push(AttributeInfo::TypeInvalid) } - rv => rv.into_result()?, + rv => rv.into_result(Function::GetAttributeValue)?, } } Ok(results) @@ -257,7 +258,7 @@ impl Session { template.as_mut_ptr(), template.len().try_into()?, )) - .into_result()?; + .into_result(Function::GetAttributeValue)?; } // Convert from CK_ATTRIBUTE to Attribute @@ -275,7 +276,7 @@ impl Session { template.as_mut_ptr(), template.len().try_into()?, )) - .into_result()?; + .into_result(Function::SetAttributeValue)?; } Ok(()) diff --git a/cryptoki/src/session/random.rs b/cryptoki/src/session/random.rs index 728a5c17..3cf9dec5 100644 --- a/cryptoki/src/session/random.rs +++ b/cryptoki/src/session/random.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Functions used to generate random numbers +use crate::context::Function; use crate::error::{Result, Rv}; use crate::session::Session; use std::convert::TryInto; @@ -20,7 +21,7 @@ impl Session { random_data.as_ptr() as *mut u8, random_data.len().try_into()?, )) - .into_result()?; + .into_result(Function::GenerateRandom)?; } Ok(()) } @@ -35,7 +36,7 @@ impl Session { result.as_mut_ptr(), random_len.try_into()?, )) - .into_result()?; + .into_result(Function::GenerateRandom)?; } Ok(result) } @@ -48,7 +49,7 @@ impl Session { seed.as_ptr() as *mut u8, seed.len().try_into()?, )) - .into_result()?; + .into_result(Function::SeedRandom)?; } Ok(()) } diff --git a/cryptoki/src/session/session_management.rs b/cryptoki/src/session/session_management.rs index 0cbee9e8..4c7a5b67 100644 --- a/cryptoki/src/session/session_management.rs +++ b/cryptoki/src/session/session_management.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Session management functions +use crate::context::Function; use crate::error::{Result, Rv}; use crate::session::{Session, SessionInfo, UserType}; use crate::types::{AuthPin, RawAuthPin}; @@ -21,7 +22,7 @@ impl Drop for Session { Rv::from(get_pkcs11!(session.client(), C_CloseSession)( session.handle(), )) - .into_result() + .into_result(Function::CloseSession) } } @@ -56,7 +57,7 @@ impl Session { pin, pin_len.try_into()?, )) - .into_result() + .into_result(Function::Login) } } @@ -80,13 +81,16 @@ impl Session { pin.expose_secret().as_ptr() as *mut u8, pin.expose_secret().len().try_into()?, )) - .into_result() + .into_result(Function::Login) } } /// Log a session out pub fn logout(&self) -> Result<()> { - unsafe { Rv::from(get_pkcs11!(self.client(), C_Logout)(self.handle())).into_result() } + unsafe { + Rv::from(get_pkcs11!(self.client(), C_Logout)(self.handle())) + .into_result(Function::Logout) + } } /// Returns the information about a session @@ -97,7 +101,7 @@ impl Session { self.handle(), &mut session_info, )) - .into_result()?; + .into_result(Function::GetSessionInfo)?; SessionInfo::try_from(session_info) } } diff --git a/cryptoki/src/session/signing_macing.rs b/cryptoki/src/session/signing_macing.rs index d100c72b..a3fd6f6d 100644 --- a/cryptoki/src/session/signing_macing.rs +++ b/cryptoki/src/session/signing_macing.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Signing and authentication functions +use crate::context::Function; use crate::error::{Result, Rv}; use crate::mechanism::Mechanism; use crate::object::ObjectHandle; @@ -21,7 +22,7 @@ impl Session { &mut mechanism as CK_MECHANISM_PTR, key.handle(), )) - .into_result()?; + .into_result(Function::SignInit)?; } // Get the output buffer length @@ -33,7 +34,7 @@ impl Session { std::ptr::null_mut(), &mut signature_len, )) - .into_result()?; + .into_result(Function::Sign)?; } let mut signature = vec![0; signature_len.try_into()?]; @@ -47,7 +48,7 @@ impl Session { signature.as_mut_ptr(), &mut signature_len, )) - .into_result()?; + .into_result(Function::Sign)?; } signature.resize(signature_len.try_into()?, 0); @@ -71,7 +72,7 @@ impl Session { &mut mechanism as CK_MECHANISM_PTR, key.handle(), )) - .into_result()?; + .into_result(Function::VerifyInit)?; } unsafe { @@ -82,7 +83,7 @@ impl Session { signature.as_ptr() as *mut u8, signature.len().try_into()?, )) - .into_result() + .into_result(Function::Verify) } } } diff --git a/cryptoki/src/session/slot_token_management.rs b/cryptoki/src/session/slot_token_management.rs index cfa6e973..4dde294b 100644 --- a/cryptoki/src/session/slot_token_management.rs +++ b/cryptoki/src/session/slot_token_management.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 //! Slot and token management functions +use crate::context::Function; use crate::error::{Result, Rv}; use crate::session::Session; use crate::types::AuthPin; @@ -17,7 +18,7 @@ impl Session { pin.expose_secret().as_ptr() as *mut u8, pin.expose_secret().len().try_into()?, )) - .into_result() + .into_result(Function::InitPIN) } } @@ -32,7 +33,7 @@ impl Session { new_pin.expose_secret().as_ptr() as *mut u8, new_pin.expose_secret().len().try_into()?, )) - .into_result() + .into_result(Function::SetPIN) } } } diff --git a/cryptoki/tests/basic.rs b/cryptoki/tests/basic.rs index 3c363a75..4fdd049f 100644 --- a/cryptoki/tests/basic.rs +++ b/cryptoki/tests/basic.rs @@ -4,6 +4,7 @@ mod common; use crate::common::{get_pkcs11, SO_PIN, USER_PIN}; use common::init_pins; +use cryptoki::context::Function; use cryptoki::error::{Error, RvError}; use cryptoki::mechanism::aead::GcmParams; use cryptoki::mechanism::rsa::{PkcsMgfType, PkcsOaepParams, PkcsOaepSource}; @@ -405,27 +406,27 @@ fn login_feast() { threads.push(thread::spawn(move || { let session = pkcs11.open_rw_session(slot).unwrap(); match session.login(UserType::User, Some(&AuthPin::new(USER_PIN.into()))) { - Ok(_) | Err(Error::Pkcs11(RvError::UserAlreadyLoggedIn)) => {} + Ok(_) | Err(Error::Pkcs11(RvError::UserAlreadyLoggedIn, Function::Login)) => {} Err(e) => panic!("Bad error response: {}", e), } match session.login(UserType::User, Some(&AuthPin::new(USER_PIN.into()))) { - Ok(_) | Err(Error::Pkcs11(RvError::UserAlreadyLoggedIn)) => {} + Ok(_) | Err(Error::Pkcs11(RvError::UserAlreadyLoggedIn, Function::Login)) => {} Err(e) => panic!("Bad error response: {}", e), } match session.login(UserType::User, Some(&AuthPin::new(USER_PIN.into()))) { - Ok(_) | Err(Error::Pkcs11(RvError::UserAlreadyLoggedIn)) => {} + Ok(_) | Err(Error::Pkcs11(RvError::UserAlreadyLoggedIn, Function::Login)) => {} Err(e) => panic!("Bad error response: {}", e), } match session.logout() { - Ok(_) | Err(Error::Pkcs11(RvError::UserNotLoggedIn)) => {} + Ok(_) | Err(Error::Pkcs11(RvError::UserNotLoggedIn, Function::Logout)) => {} Err(e) => panic!("Bad error response: {}", e), } match session.logout() { - Ok(_) | Err(Error::Pkcs11(RvError::UserNotLoggedIn)) => {} + Ok(_) | Err(Error::Pkcs11(RvError::UserNotLoggedIn, Function::Logout)) => {} Err(e) => panic!("Bad error response: {}", e), } match session.logout() { - Ok(_) | Err(Error::Pkcs11(RvError::UserNotLoggedIn)) => {} + Ok(_) | Err(Error::Pkcs11(RvError::UserNotLoggedIn, Function::Logout)) => {} Err(e) => panic!("Bad error response: {}", e), } })); @@ -480,7 +481,7 @@ fn get_session_info_test() -> TestResult { assert_eq!(session_info.slot_id(), slot); assert!(matches!(session_info.session_state(), SessionState::RoUser)); session.logout()?; - if let Err(cryptoki::error::Error::Pkcs11(rv_error)) = + if let Err(cryptoki::error::Error::Pkcs11(rv_error, _)) = session.login(UserType::So, Some(&AuthPin::new(SO_PIN.into()))) { assert_eq!(rv_error, RvError::SessionReadOnlyExists) @@ -808,7 +809,7 @@ fn ro_rw_session_test() -> TestResult { // This should NOT work using the Read-Only session let e = ro_session.create_object(&template).unwrap_err(); - if let Error::Pkcs11(RvError::SessionReadOnly) = e { + if let Error::Pkcs11(RvError::SessionReadOnly, _f) = e { // as expected } else { panic!("Got wrong error code (expecting SessionReadOnly): {}", e); @@ -1100,7 +1101,13 @@ fn wait_for_slot_event() { let res = pkcs11.wait_for_slot_event(); assert!( - matches!(res, Err(Error::Pkcs11(RvError::FunctionNotSupported))), + matches!( + res, + Err(Error::Pkcs11( + RvError::FunctionNotSupported, + Function::WaitForSlotEvent + )) + ), "res = {:?}", res );