authorRobin Krahl <robin.krahl@ireas.org>2019-01-23 04:27:14 +0000
committerRobin Krahl <robin.krahl@ireas.org>2019-01-23 05:30:23 +0100
commitd4663961c41a0fb6f81f4a54aefd0fedce49d350 (patch)
tree2622fdecee2dd3c2926118cad296e2c0772fedd1
parentc79ddf8116659efd1aa7de42bb85337632f238dd (diff)
downloadnitrokey-rs-d4663961c41a0fb6f81f4a54aefd0fedce49d350.tar.gz
nitrokey-rs-d4663961c41a0fb6f81f4a54aefd0fedce49d350.tar.bz2
Return UTF-8 error if libnitrokey returns an invalid string
Previously, we used lossy UTF-8 conversion. Yet the user should be notified if we have a problem instead of silently changing the data. Therefore, we now return an error if we encounter an invalid UTF-8 string. This leads to a change in `get_library_version`’s signature.
-rw-r--r--CHANGELOG.md2
-rw-r--r--src/lib.rs17
-rw-r--r--src/util.rs9
-rw-r--r--tests/lib.rs2
4 files changed, 21 insertions, 9 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index c800521..70bd7cb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -22,6 +22,8 @@
- Add `Pro::new` and `Storage::new` functions.
- Implement `From<Pro>` and `From<Storage>` for `DeviceWrapper`.
- Add `Error::Utf8Error` variant.
+ - Return `Result<Version>` instead of `Version` from `get_library_version`.
+ - Return `Error::Utf8Error` if libnitrokey returns an invalid UTF-8 string.
# v0.3.4 (2019-01-20)
- Fix authentication methods that assumed that `char` is signed.
diff --git a/src/lib.rs b/src/lib.rs
index 993ec92..a1edb6b 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -168,21 +168,30 @@ pub fn set_log_level(level: LogLevel) {
/// Returns the libnitrokey library version.
///
+/// # Errors
+///
+/// - [`Utf8Error`][] if libnitrokey returned an invalid UTF-8 string
+///
/// # Example
///
/// ```
-/// let version = nitrokey::get_library_version();
+/// # fn main() -> Result<(), nitrokey::Error> {
+/// let version = nitrokey::get_library_version()?;
/// println!("Using libnitrokey {}", version.git);
+/// # Ok(())
+/// # }
/// ```
-pub fn get_library_version() -> Version {
+///
+/// [`Utf8Error`]: enum.Error.html#variant.Utf8Error
+pub fn get_library_version() -> Result<Version> {
// NK_get_library_version returns a static string, so we don’t have to free the pointer.
let git = unsafe { nitrokey_sys::NK_get_library_version() };
let git = if git.is_null() {
String::new()
} else {
- util::owned_str_from_ptr(git)
+ util::owned_str_from_ptr(git)?
};
let major = unsafe { nitrokey_sys::NK_get_major_library_version() };
let minor = unsafe { nitrokey_sys::NK_get_minor_library_version() };
- Version { git, major, minor }
+ Ok(Version { git, major, minor })
}
diff --git a/src/util.rs b/src/util.rs
index f8ad9c9..64dde39 100644
--- a/src/util.rs
+++ b/src/util.rs
@@ -28,17 +28,18 @@ pub enum LogLevel {
DebugL2,
}
-pub fn owned_str_from_ptr(ptr: *const c_char) -> String {
+pub fn owned_str_from_ptr(ptr: *const c_char) -> Result<String, Error> {
unsafe { CStr::from_ptr(ptr) }
- .to_string_lossy()
- .into_owned()
+ .to_str()
+ .map(String::from)
+ .map_err(Error::from)
}
pub fn result_from_string(ptr: *const c_char) -> Result<String, Error> {
if ptr.is_null() {
return Err(Error::UnexpectedError);
}
- let s = owned_str_from_ptr(ptr);
+ let s = owned_str_from_ptr(ptr)?;
unsafe { free(ptr as *mut c_void) };
// An empty string can both indicate an error or be a valid return value. In this case, we
// have to check the last command status to decide what to return.
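Review bot: In `result_from_string`, the new `?` on `owned_str_from_ptr(ptr)` returns before the `free(ptr as *mut c_void)` on the following line, so the buffer handed over by libnitrokey is leaked whenever the string is not valid UTF-8. Convert first, free unconditionally, and only then propagate the error: `let s = owned_str_from_ptr(ptr);`, `unsafe { free(ptr as *mut c_void) };`, `let s = s?;`. This ordering is safe because `owned_str_from_ptr` copies into an owned `String` (or an error value) before it returns, so nothing borrows from `ptr` afterwards. Which strings pass through this helper is not visible in the hunk, but if any of them carry secrets, the unfreed copy would also stay resident in the heap. The body of `result_from_string` continues past the end of the hunk.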
diff --git a/tests/lib.rs b/tests/lib.rs
index c92e224..d298048 100644
--- a/tests/lib.rs
+++ b/tests/lib.rs
@@ -1,6 +1,6 @@
#[test]
fn get_library_version() {
- let version = nitrokey::get_library_version();
+ let version = nitrokey::get_library_version().unwrap();
assert!(version.git.is_empty() || version.git.starts_with("v"));
assert!(version.major > 0);