Skip to content

Commit c676a79

Browse files
Bravo555Bravo555
committed
refactor[pkcs11]: p11 server remove error code duplication
Signed-off-by: Marcel Guzik <[email protected]>
1 parent a70f207 commit c676a79

File tree

1 file changed

+37
-77
lines changed
  • crates/extensions/tedge-p11-server/src/proxy

1 file changed

+37
-77
lines changed

crates/extensions/tedge-p11-server/src/proxy/server.rs

Lines changed: 37 additions & 77 deletions
Original file line numberDiff line numberDiff line change
@@ -63,103 +63,63 @@ impl TedgeP11Server {
6363
let _ = connection.write_frame(&Frame1::Error(error));
6464
anyhow::bail!("protocol error: invalid request")
6565
}
66-
Frame1::ChooseSchemeRequest(request) => {
67-
let response = self.service.choose_scheme(request);
68-
match response {
69-
Ok(response) => Frame1::ChooseSchemeResponse(response),
70-
Err(err) => {
71-
let response = Frame1::Error(ProtocolError(format!(
72-
"PKCS #11 service failed: {err:#}"
73-
)));
74-
connection.write_frame(&response)?;
75-
anyhow::bail!(err);
76-
}
77-
}
78-
}
66+
67+
Frame1::ChooseSchemeRequest(request) => self
68+
.service
69+
.choose_scheme(request)
70+
.map(Frame1::ChooseSchemeResponse),
71+
7972
Frame1::SignRequest(request) => {
8073
let sign_request_2 = SignRequestWithSigScheme {
8174
to_sign: request.to_sign,
8275
uri: request.uri,
8376
sigscheme: None,
8477
pin: request.pin,
8578
};
86-
let response = self.service.sign(sign_request_2);
87-
match response {
88-
Ok(response) => Frame1::SignResponse(response),
89-
Err(err) => {
90-
let response = Frame1::Error(ProtocolError(format!(
91-
"PKCS #11 service failed: {err:#}"
92-
)));
93-
connection.write_frame(&response)?;
94-
anyhow::bail!(err);
95-
}
96-
}
79+
self.service.sign(sign_request_2).map(Frame1::SignResponse)
9780
}
81+
9882
Frame1::SignRequestWithSigScheme(request) => {
99-
let response = self.service.sign(request);
100-
match response {
101-
Ok(response) => Frame1::SignResponse(response),
102-
Err(err) => {
103-
let response = Frame1::Error(ProtocolError(format!(
104-
"PKCS #11 service failed: {err:#}"
105-
)));
106-
connection.write_frame(&response)?;
107-
anyhow::bail!(err);
108-
}
109-
}
110-
}
111-
Frame1::GetPublicKeyPemRequest(uri) => {
112-
let response = self.service.get_public_key_pem(uri.as_deref());
113-
match response {
114-
Ok(pubkey_pem) => Frame1::GetPublicKeyPemResponse(pubkey_pem),
115-
Err(err) => {
116-
let response = Frame1::Error(ProtocolError(format!(
117-
"PKCS #11 service failed: {err:#}"
118-
)));
119-
connection.write_frame(&response)?;
120-
anyhow::bail!(err);
121-
}
122-
}
83+
self.service.sign(request).map(Frame1::SignResponse)
12384
}
12485

86+
Frame1::GetPublicKeyPemRequest(uri) => self
87+
.service
88+
.get_public_key_pem(uri.as_deref())
89+
.map(Frame1::GetPublicKeyPemResponse),
90+
12591
// The Ping/Pong request does no PKCS11/cryptographic operations and is there only so a
12692
// client can confirm that tedge-p11-server is running and is ready to serve requests.
12793
// Notably, with systemd being configured to start the service when a request is
12894
// received on the associated socket, a Ping/Pong request triggers a service start and
12995
// ensures the PKCS11 library is loaded and ready to serve signing requests. In
13096
// practice, this only occurs with a client calls TedgeP11Client::with_ready_check.
131-
Frame1::Ping => Frame1::Pong,
132-
133-
Frame1::CreateKeyRequest(request) => {
134-
let response = self.service.create_key(request);
135-
match response {
136-
Ok(pubkey_der) => Frame1::CreateKeyResponse(pubkey_der),
137-
Err(err) => {
138-
let response = Frame1::Error(ProtocolError(format!(
139-
"PKCS #11 service failed: {err:#}"
140-
)));
141-
connection.write_frame(&response)?;
142-
anyhow::bail!(err);
143-
}
144-
}
145-
}
97+
Frame1::Ping => Ok(Frame1::Pong),
14698

147-
Frame1::GetTokensUrisRequest => {
148-
let response = self.service.get_tokens_uris();
149-
match response {
150-
Ok(response) => Frame1::GetTokensUrisResponse(response),
151-
Err(err) => {
152-
let response = Frame1::Error(ProtocolError(format!(
153-
"PKCS #11 service failed: {err:#}"
154-
)));
155-
connection.write_frame(&response)?;
156-
anyhow::bail!(err);
157-
}
158-
}
159-
}
99+
Frame1::CreateKeyRequest(request) => self
100+
.service
101+
.create_key(request)
102+
.map(Frame1::CreateKeyResponse),
103+
104+
Frame1::GetTokensUrisRequest => self
105+
.service
106+
.get_tokens_uris()
107+
.map(Frame1::GetTokensUrisResponse),
160108
};
161109

162-
connection.write_frame(&response).context("write")?;
110+
match response {
111+
Ok(response) => connection
112+
.write_frame(&response)
113+
.context("failed to write response")?,
114+
Err(err) => {
115+
let response =
116+
Frame1::Error(ProtocolError(format!("PKCS #11 service failed: {err:#}")));
117+
connection
118+
.write_frame(&response)
119+
.context("failed to write response")?;
120+
anyhow::bail!(err);
121+
}
122+
}
163123

164124
Ok(())
165125
}

0 commit comments

Comments
 (0)