diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 6842eca9..f1a2eee8 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -36,13 +36,13 @@ jobs:
 toolchain: stable
 deps: true
 - platform: ubuntu-latest
- toolchain: 1.74.0 # MSRV
+ toolchain: 1.81.0 # MSRV
 deps: sudo apt-get install libpcsclite-dev
 - platform: windows-latest
- toolchain: 1.74.0 # MSRV
+ toolchain: 1.81.0 # MSRV
 deps: true
 - platform: macos-latest
- toolchain: 1.74.0 # MSRV
+ toolchain: 1.81.0 # MSRV
 deps: true
 runs-on: ${{ matrix.platform }}
 steps:
@@ -82,7 +82,7 @@ jobs:
 - uses: actions-rs/toolchain@v1
 with:
 profile: minimal
- toolchain: 1.74.0 # MSRV
+ toolchain: 1.81.0 # MSRV
 components: clippy
 override: true
 - run: sudo apt-get install libpcsclite-dev
diff --git a/CHANGELOG.md b/CHANGELOG.md
index a4a3df45..947727eb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## Unreleased
+### Changed
+- MSRV is now 1.81.
+
 ## 0.8.0 (2023-08-15)
 ### Added
 - `impl Debug for {Context, YubiKey}` ([#457])
diff --git a/Cargo.toml b/Cargo.toml
index ec5d52b5..b92d9e40 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -14,7 +14,7 @@ readme = "README.md"
 categories = ["api-bindings", "authentication", "cryptography", "hardware-support"]
 keywords = ["ecdsa", "encryption", "rsa", "piv", "signature"]
 edition = "2021"
-rust-version = "1.65"
+rust-version = "1.81"
 
 [workspace]
 members = [".", "cli"]
diff --git a/README.md b/README.md
index 37e1d2fa..aba7e829 100644
--- a/README.md
+++ b/README.md
@@ -214,7 +214,7 @@ or conditions.
 [docs-link]: https://docs.rs/yubikey/
 [license-image]: https://img.shields.io/badge/license-BSD-blue.svg
 [license-link]: https://github.com/iqlusioninc/yubikey.rs/blob/main/COPYING
-[msrv-image]: https://img.shields.io/badge/rustc-1.65+-blue.svg
+[msrv-image]: https://img.shields.io/badge/rustc-1.81+-blue.svg
 [safety-image]: https://img.shields.io/badge/unsafe-forbidden-success.svg
 [safety-link]: https://github.com/rust-secure-code/safety-dance/
 [build-image]: https://github.com/iqlusioninc/yubikey.rs/workflows/CI/badge.svg?branch=main&event=push
diff --git a/cli/CHANGELOG.md b/cli/CHANGELOG.md
index a389e986..58a8aa0e 100644
--- a/cli/CHANGELOG.md
+++ b/cli/CHANGELOG.md
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## Unreleased
+### Changed
+- MSRV is now 1.81.
+
 ## 0.7.0 (2022-11-14)
 ### Changed
 - Bump `clap` to v4.0 ([#438])
diff --git a/cli/Cargo.toml b/cli/Cargo.toml
index 385522f0..702ad920 100644
--- a/cli/Cargo.toml
+++ b/cli/Cargo.toml
@@ -12,7 +12,7 @@ readme = "README.md"
 categories = ["command-line-utilities", "cryptography", "hardware-support"]
 keywords = ["ecdsa", "rsa", "piv", "pcsc", "yubikey"]
 edition = "2021"
-rust-version = "1.56"
+rust-version = "1.81"
 
 [dependencies]
 clap = { version = "4", features = ["derive"] }
diff --git a/cli/src/terminal.rs b/cli/src/terminal.rs
index f6231628..6f57bb12 100644
--- a/cli/src/terminal.rs
+++ b/cli/src/terminal.rs
@@ -196,7 +196,7 @@ pub fn print_cert_info(
 print_cert_attr(
 stream,
 "Fingerprint",
- &hex::upper::encode_string(&fingerprint),
+ hex::upper::encode_string(&fingerprint),
 )?;
 print_cert_attr(
 stream,
diff --git a/src/error.rs b/src/error.rs
index 7774b002..2f0d35e8 100644
--- a/src/error.rs
+++ b/src/error.rs
@@ -192,8 +192,8 @@ impl std::error::Error for Error {
 }
 }
 
-impl From for Error {
- fn from(_err: x509_cert::der::Error) -> Error {
+impl From for Error {
+ fn from(_err: der::Error) -> Error {
 Error::ParseError
 }
 }
diff --git a/src/mgm.rs b/src/mgm.rs
index c8f41918..966f0849 100644
--- a/src/mgm.rs
+++ b/src/mgm.rs
@@ -155,15 +155,12 @@ impl MgmKey {
 pub fn get_protected(yubikey: &mut YubiKey) -> Result {
 let txn = yubikey.begin_transaction()?;
 
- let protected_data = ProtectedData::read(&txn).map_err(|e| {
- error!("could not read protected data (err: {:?})", e);
- e
- })?;
+ let protected_data = ProtectedData::read(&txn)
+ .inspect_err(|e| error!("could not read protected data (err: {:?})", e))?;
 
- let item = protected_data.get_item(TAG_PROTECTED_MGM).map_err(|e| {
- error!("could not read protected MGM from metadata (err: {:?})", e);
- e
- })?;
+ let item = protected_data
+ .get_item(TAG_PROTECTED_MGM)
+ .inspect_err(|e| error!("could not read protected MGM from metadata (err: {:?})", e))?;
 
 if item.len() != DES_LEN_3DES {
 error!(
@@ -196,12 +193,10 @@ impl MgmKey {
 pub fn set_manual(&self, yubikey: &mut YubiKey, require_touch: bool) -> Result<()> {
 let txn = yubikey.begin_transaction()?;
 
- txn.set_mgm_key(self, require_touch).map_err(|e| {
+ txn.set_mgm_key(self, require_touch)
 // Log a warning, since the device mgm key is corrupt or we're in a state
 // where we can't set the mgm key.
- error!("could not set new derived mgm key, err = {}", e);
- e
- })?;
+ .inspect_err(|e| error!("could not set new derived mgm key, err = {}", e))?;
 
 // After this point, we've set the mgm key, so the function should succeed,
 // regardless of being able to set the metadata.
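Review bot: In `src/mgm.rs`, `set_manual` (hunk at -196) now has its explanatory comment wedged inside the call chain, between `txn.set_mgm_key(self, require_touch)` and `.inspect_err(...)`, and the comment still says "Log a warning" while the closure calls `error!`. I would lift it above the statement and match the wording to the log level, e.g. `// Log an error: the device mgm key is corrupt or we're in a state where we can't set the mgm key.` placed directly before `txn.set_mgm_key(self, require_touch)`. The `set_protected` hunk at -255 has the same layout. The message text "new derived mgm key" inside `set_manual` also looks carried over from the derived-key path; the function body continues outside the hunk, so that is worth checking rather than certain.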
@@ -255,12 +250,10 @@ impl MgmKey {
 pub fn set_protected(&self, yubikey: &mut YubiKey) -> Result<()> {
 let txn = yubikey.begin_transaction()?;
 
- txn.set_mgm_key(self, false).map_err(|e| {
+ txn.set_mgm_key(self, false)
 // log a warning, since the device mgm key is corrupt or we're in
 // a state where we can't set the mgm key
- error!("could not set new derived mgm key, err = {}", e);
- e
- })?;
+ .inspect_err(|e| error!("could not set new derived mgm key, err = {}", e))?;
 
 // after this point, we've set the mgm key, so the function should
 // succeed, regardless of being able to set the metadata
@@ -272,10 +265,9 @@ impl MgmKey {
 if let Err(e) = protected_data.set_item(TAG_PROTECTED_MGM, self.as_ref()) {
 error!("could not set protected mgm item, err = {:?}", e);
 } else {
- protected_data.write(&txn).map_err(|e| {
- error!("could not write protected data, err = {:?}", e);
- e
- })?;
+ protected_data
+ .write(&txn)
+ .inspect_err(|e| error!("could not write protected data, err = {:?}", e))?;
 }
 
 // set the protected mgm flag in admin data
diff --git a/src/msroots.rs b/src/msroots.rs
index d1718f4a..b32f3b6c 100644
--- a/src/msroots.rs
+++ b/src/msroots.rs
@@ -96,10 +96,9 @@ impl MsRoots {
 }
 }
 
- MsRoots::new(&data).map(Some).map_err(|e| {
- error!("error parsing msroots: {:?}", e);
- e
- })
+ MsRoots::new(&data)
+ .map(Some)
+ .inspect_err(|e| error!("error parsing msroots: {:?}", e))
 }
 
 /// Write `msroots` file to YubiKey
diff --git a/src/transaction.rs b/src/transaction.rs
index 65140ad7..ccc743f3 100644
--- a/src/transaction.rs
+++ b/src/transaction.rs
@@ -66,10 +66,7 @@ impl<'tx> Transaction<'tx> {
 .p1(0x04)
 .data(piv::APPLET_ID)
 .transmit(self, 0xFF)
- .map_err(|e| {
- error!("failed communicating with card: '{}'", e);
- e
- })?;
+ .inspect_err(|e| error!("failed communicating with card: '{}'", e))?;
 
 if !response.is_success() {
 error!(
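Review bot: In `src/mgm.rs` at -272, `protected_data.write(&txn).inspect_err(...)?` still propagates the write failure, while the comment in the -255 hunk says that once the mgm key is set the function should succeed regardless of whether the metadata can be written. If this block belongs to `set_protected` (the hunk header only names `impl MgmKey`), a caller can receive `Err` after the management key on the device has already been changed. Either log without returning, `if let Err(e) = protected_data.write(&txn) { error!("could not write protected data, err = {:?}", e); }`, or keep the `?` and correct the comment and the function's doc comment so callers know an error here does not mean the old key is still in effect.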
@@ -335,10 +332,7 @@ impl<'tx> Transaction<'tx> {
 
 let response = self
 .transfer_data(&templ, &indata[..offset], 1024)
- .map_err(|e| {
- error!("sign command failed to communicate: {}", e);
- e
- })?;
+ .inspect_err(|e| error!("sign command failed to communicate: {}", e))?;
 
 if !response.is_success() {
 error!("failed sign command with code {:x}", response.code());
diff --git a/src/yubikey.rs b/src/yubikey.rs
index fb62bc4a..6c1c2983 100644
--- a/src/yubikey.rs
+++ b/src/yubikey.rs
@@ -42,7 +42,7 @@ use crate::{
 transaction::Transaction,
 };
 use log::{error, info};
-use pcsc::{Card, Disposition};
+use pcsc::Card;
 use rand_core::{OsRng, RngCore};
 use std::{
 fmt::{self, Display},
@@ -293,7 +293,10 @@ impl YubiKey {
 /// `YubiKey` implements `Drop` which automatically disconnects the card using
 /// `Disposition::ResetCard`; you only need to call this function if you want to
 /// handle errors or use a different disposition method.
- pub fn disconnect(self, disposition: Disposition) -> core::result::Result<(), (Self, Error)> {
+ pub fn disconnect(
+ self,
+ disposition: pcsc::Disposition,
+ ) -> core::result::Result<(), (Self, Error)> {
 let Self {
 card,
 name,
@@ -523,15 +526,11 @@ impl YubiKey {
 
 admin_data
 .set_item(TAG_ADMIN_TIMESTAMP, &tnow)
- .map_err(|e| {
- error!("could not set pin timestamp, err = {}", e);
- e
- })?;
+ .inspect_err(|e| error!("could not set pin timestamp, err = {}", e))?;
 
- admin_data.write(&txn).map_err(|e| {
- error!("could not write admin data, err = {}", e);
- e
- })?;
+ admin_data
+ .write(&txn)
+ .inspect_err(|e| error!("could not write admin data, err = {}", e))?;
 
 Ok(())
 }
@@ -581,7 +580,7 @@ impl YubiKey {
 
 // Attempt to set the "PUK blocked" flag in admin data.
 let mut admin_data = AdminData::read(&txn)
- .map(|data| {
+ .inspect(|data| {
 if let Ok(item) = data.get_item(TAG_ADMIN_FLAGS_1) {
 if item.len() == flags.len() {
 flags.copy_from_slice(item)
@@ -593,8 +592,6 @@ impl YubiKey {
 );
 }
 }
-
- data
 })
 .unwrap_or_default();
 
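Review bot: In `src/yubikey.rs` at -581, a failed `AdminData::read(&txn)` is still swallowed by `.unwrap_or_default()` with no log line, although this commit adds `inspect_err` logging to the other error paths it touches. This is the path that records the "PUK blocked" flag, so a silent fallback to default admin data makes it hard to tell afterwards why existing flags were not carried over. Consider chaining `.inspect_err(|e| info!("could not read admin data, using defaults: {}", e))` before `.unwrap_or_default()`; `info!` rather than `error!` because a missing admin object may be normal on a fresh device, which the hunk does not show. The closure body and the rest of the function lie partly outside the hunk.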
@@ -703,10 +700,9 @@ impl<'a> TryFrom<&'a Reader<'_>> for YubiKey {
 type Error = Error;
 
 fn try_from(reader: &'a Reader<'_>) -> Result {
- let mut card = reader.connect().map_err(|e| {
- error!("error connecting to reader '{}': {}", reader.name(), e);
- e
- })?;
+ let mut card = reader
+ .connect()
+ .inspect_err(|e| error!("error connecting to reader '{}': {}", reader.name(), e))?;
 
 info!("connected to reader: {}", reader.name());
 
diff --git a/tests/integration.rs b/tests/integration.rs
index e75d0f0f..615426c9 100644
--- a/tests/integration.rs
+++ b/tests/integration.rs
@@ -12,9 +12,7 @@ use signature::hazmat::PrehashVerifier;
 use std::{env, str::FromStr, sync::Mutex, time::Duration};
 use x509_cert::{der::Encode, name::Name, serial_number::SerialNumber, time::Validity};
 use yubikey::{
- certificate,
- certificate::yubikey_signer,
- certificate::Certificate,
+ certificate::{yubikey_signer, Certificate},
 piv::{self, AlgorithmId, Key, ManagementSlotId, RetiredSlotId, SlotId},
 Error, MgmKey, PinPolicy, Serial, TouchPolicy, YubiKey,
 };
@@ -317,8 +315,7 @@ fn test_read_metadata() {
 #[ignore]
 fn test_parse_cert_from_der() {
 let bob_der = std::fs::read("tests/assets/Bob.der").expect(".der file not found");
- let cert =
- certificate::Certificate::from_bytes(bob_der).expect("Failed to parse valid certificate");
+ let cert = Certificate::from_bytes(bob_der).expect("Failed to parse valid certificate");
 assert_eq!(
 cert.subject(),
 "CN=Bob",