Diffstat (limited to 'src/auth.rs')
-rw-r--r--src/auth.rs62
1 files changed, 45 insertions, 17 deletions
diff --git a/src/auth.rs b/src/auth.rs
index 0b000f7..5ecb393 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -10,7 +10,7 @@ use nitrokey_sys;
use crate::config::{Config, RawConfig};
use crate::device::{Device, DeviceWrapper, Pro, Storage};
-use crate::error::Error;
+use crate::error::{AuthenticationError, Error};
use crate::otp::{ConfigureOtp, GenerateOtp, OtpMode, OtpSlotData, RawOtpSlotData};
use crate::util::{generate_password, get_command_result, get_cstring, result_from_string};
@@ -63,7 +63,10 @@ pub trait Authenticate<'a> {
/// [`InvalidString`]: enum.LibraryError.html#variant.InvalidString
/// [`RngError`]: enum.CommandError.html#variant.RngError
/// [`WrongPassword`]: enum.CommandError.html#variant.WrongPassword
- fn authenticate_user(self, password: &str) -> Result<User<'a, Self>, (Self, Error)>
+ fn authenticate_user(
+ self,
+ password: &str,
+ ) -> Result<User<'a, Self>, AuthenticationError<'a, Self>>
where
Self: Device<'a> + Sized;
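Review bot: The doc comment on `authenticate_user` is left as it was, although the error type changes from `(Self, Error)` to `AuthenticationError<'a, Self>`; all 45 inserted lines in this commit are signature or body lines, so the text above the link definitions shown here is untouched. Add a line such as `/// On failure the device is handed back inside the returned AuthenticationError.` so callers know where the device went. If the comment carries an example that matches on `Err((device, err))`, it needs the same update, but that part is outside the hunk. The same applies to `authenticate_admin` in the next hunk.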
@@ -110,7 +113,10 @@ pub trait Authenticate<'a> {
/// [`InvalidString`]: enum.LibraryError.html#variant.InvalidString
/// [`RngError`]: enum.CommandError.html#variant.RngError
/// [`WrongPassword`]: enum.CommandError.html#variant.WrongPassword
- fn authenticate_admin(self, password: &str) -> Result<Admin<'a, Self>, (Self, Error)>
+ fn authenticate_admin(
+ self,
+ password: &str,
+ ) -> Result<Admin<'a, Self>, AuthenticationError<'a, Self>>
where
Self: Device<'a> + Sized;
}
@@ -153,7 +159,11 @@ pub struct Admin<'a, T: Device<'a>> {
marker: marker::PhantomData<&'a T>,
}
-fn authenticate<'a, D, A, T>(device: D, password: &str, callback: T) -> Result<A, (D, Error)>
+fn authenticate<'a, D, A, T>(
+ device: D,
+ password: &str,
+ callback: T,
+) -> Result<A, AuthenticationError<'a, D>>
where
D: Device<'a>,
A: AuthenticatedDevice<D>,
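Review bot: `authenticate` has no doc comment (the context before its signature is the closing brace of `Admin`), and with the new return type the ownership contract is worth writing down. A comment such as `/// Calls callback with the password and a freshly generated temporary password; on any failure the device is moved into the returned AuthenticationError.` would cover what the body does. The body is in the next hunk, and the bound on `T` falls between the two hunks and is not visible.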
@@ -161,17 +171,17 @@ where
{
let temp_password = match generate_password(TEMPORARY_PASSWORD_LENGTH) {
Ok(temp_password) => temp_password,
- Err(err) => return Err((device, err)),
+ Err(err) => return Err(AuthenticationError::new(err, device)),
};
let password = match get_cstring(password) {
Ok(password) => password,
- Err(err) => return Err((device, err)),
+ Err(err) => return Err(AuthenticationError::new(err, device)),
};
let password_ptr = password.as_ptr();
let temp_password_ptr = temp_password.as_ptr() as *const c_char;
match callback(password_ptr, temp_password_ptr) {
0 => Ok(A::new(device, temp_password)),
- rv => Err((device, Error::from(rv))),
+ rv => Err(AuthenticationError::new(Error::from(rv), device)),
}
}
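Review bot: The cast `temp_password.as_ptr() as *const c_char` hands the callback a pointer without stating what the buffer must contain. The cast suggests `temp_password` is a byte buffer rather than a `CString`, so NUL termination would depend on `generate_password`, which is not visible here. A comment above the cast would pin the invariant: `// generate_password must yield a NUL-terminated buffer; the callee presumably reads this as a C string`. Separately, `password` and `temp_password` look like ordinary heap buffers that are dropped rather than wiped on the error paths this hunk rewrites; if that is accepted, a `// NOTE:` saying so would help the next reader. The function's signature is in the previous hunk.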
@@ -179,7 +189,7 @@ fn authenticate_user_wrapper<'a, T, C>(
device: T,
constructor: C,
password: &str,
-) -> Result<User<'a, DeviceWrapper<'a>>, (DeviceWrapper<'a>, Error)>
+) -> Result<User<'a, DeviceWrapper<'a>>, AuthenticationError<'a, DeviceWrapper<'a>>>
where
T: Device<'a> + 'a,
C: Fn(T) -> DeviceWrapper<'a>,
@@ -187,7 +197,7 @@ where
let result = device.authenticate_user(password);
match result {
Ok(user) => Ok(User::new(constructor(user.device), user.temp_password)),
- Err((device, err)) => Err((constructor(device), err)),
+ Err(err) => Err(err.map_device(constructor)),
}
}
@@ -195,7 +205,7 @@ fn authenticate_admin_wrapper<'a, T, C>(
device: T,
constructor: C,
password: &str,
-) -> Result<Admin<'a, DeviceWrapper<'a>>, (DeviceWrapper<'a>, Error)>
+) -> Result<Admin<'a, DeviceWrapper<'a>>, AuthenticationError<'a, DeviceWrapper<'a>>>
where
T: Device<'a> + 'a,
C: Fn(T) -> DeviceWrapper<'a>,
@@ -203,7 +213,7 @@ where
let result = device.authenticate_admin(password);
match result {
Ok(user) => Ok(Admin::new(constructor(user.device), user.temp_password)),
- Err((device, err)) => Err((constructor(device), err)),
+ Err(err) => Err(err.map_device(constructor)),
}
}
@@ -386,7 +396,10 @@ impl<'a, T: Device<'a>> AuthenticatedDevice<T> for Admin<'a, T> {
}
impl<'a> Authenticate<'a> for DeviceWrapper<'a> {
- fn authenticate_user(self, password: &str) -> Result<User<'a, Self>, (Self, Error)> {
+ fn authenticate_user(
+ self,
+ password: &str,
+ ) -> Result<User<'a, Self>, AuthenticationError<'a, Self>> {
match self {
DeviceWrapper::Storage(storage) => {
authenticate_user_wrapper(storage, DeviceWrapper::Storage, password)
@@ -395,7 +408,10 @@ impl<'a> Authenticate<'a> for DeviceWrapper<'a> {
}
}
- fn authenticate_admin(self, password: &str) -> Result<Admin<'a, Self>, (Self, Error)> {
+ fn authenticate_admin(
+ self,
+ password: &str,
+ ) -> Result<Admin<'a, Self>, AuthenticationError<'a, Self>> {
match self {
DeviceWrapper::Storage(storage) => {
authenticate_admin_wrapper(storage, DeviceWrapper::Storage, password)
@@ -408,13 +424,19 @@ impl<'a> Authenticate<'a> for DeviceWrapper<'a> {
}
impl<'a> Authenticate<'a> for Pro<'a> {
- fn authenticate_user(self, password: &str) -> Result<User<'a, Self>, (Self, Error)> {
+ fn authenticate_user(
+ self,
+ password: &str,
+ ) -> Result<User<'a, Self>, AuthenticationError<'a, Self>> {
authenticate(self, password, |password_ptr, temp_password_ptr| unsafe {
nitrokey_sys::NK_user_authenticate(password_ptr, temp_password_ptr)
})
}
- fn authenticate_admin(self, password: &str) -> Result<Admin<'a, Self>, (Self, Error)> {
+ fn authenticate_admin(
+ self,
+ password: &str,
+ ) -> Result<Admin<'a, Self>, AuthenticationError<'a, Self>> {
authenticate(self, password, |password_ptr, temp_password_ptr| unsafe {
nitrokey_sys::NK_first_authenticate(password_ptr, temp_password_ptr)
})
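Review bot: The `unsafe` blocks around `NK_user_authenticate` and `NK_first_authenticate` carry no `// SAFETY:` comment, and the commit reformats both methods without adding one. Going by the `authenticate` body earlier in this diff, both pointers are taken from locals that stay alive until the callback returns, so `// SAFETY: both pointers borrow buffers that authenticate() keeps alive across this call` would record the invariant. The `Storage` impl in the next hunk has the same two blocks. The closing brace of `authenticate_admin` is outside the hunk.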
@@ -422,13 +444,19 @@ impl<'a> Authenticate<'a> for Pro<'a> {
}
impl<'a> Authenticate<'a> for Storage<'a> {
- fn authenticate_user(self, password: &str) -> Result<User<'a, Self>, (Self, Error)> {
+ fn authenticate_user(
+ self,
+ password: &str,
+ ) -> Result<User<'a, Self>, AuthenticationError<'a, Self>> {
authenticate(self, password, |password_ptr, temp_password_ptr| unsafe {
nitrokey_sys::NK_user_authenticate(password_ptr, temp_password_ptr)
})
}
- fn authenticate_admin(self, password: &str) -> Result<Admin<'a, Self>, (Self, Error)> {
+ fn authenticate_admin(
+ self,
+ password: &str,
+ ) -> Result<Admin<'a, Self>, AuthenticationError<'a, Self>> {
authenticate(self, password, |password_ptr, temp_password_ptr| unsafe {
nitrokey_sys::NK_first_authenticate(password_ptr, temp_password_ptr)
})