ykpiv_translate_sw_ex shows where it was called from

Yubico · Jul 29, 2024 · f4eda01 · f4eda01
1 parent 9eb309e
commit f4eda01
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 35 deletions.
diff --git a/lib/util.c b/lib/util.c
@@ -880,7 +880,7 @@ ykpiv_rc ykpiv_util_generate_key(ykpiv_state *state, uint8_t slot, uint8_t algor
   if (YKPIV_OK != (res = _ykpiv_transfer_data(state, templ, in_data, (unsigned long)(in_ptr - in_data), data, &recv_len, &sw))) {
     goto Cleanup;
   }
-  res = ykpiv_translate_sw(sw);
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
   if (res != YKPIV_OK) {
     DBG("Failed to generate new key");
     goto Cleanup;
@@ -1372,7 +1372,7 @@ ykpiv_rc ykpiv_util_reset(ykpiv_state *state) {
   if(res != YKPIV_OK) {
     return res;
   }
-  return ykpiv_translate_sw(sw);
+  return ykpiv_translate_sw_ex(__FUNCTION__, sw);
 }
 
 uint32_t ykpiv_util_slot_object(uint8_t slot) {

diff --git a/lib/ykpiv.c b/lib/ykpiv.c
@@ -372,7 +372,7 @@ ykpiv_rc _ykpiv_select_application(ykpiv_state *state) {
   if((res = _ykpiv_transfer_data(state, templ, piv_aid, sizeof(piv_aid), data, &recv_len, &sw)) != YKPIV_OK) {
     return res;
   }
-  res = ykpiv_translate_sw(sw);
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
   if(res != YKPIV_OK) {
     DBG("Failed selecting application");
     return res;
@@ -745,36 +745,40 @@ ykpiv_rc _ykpiv_end_transaction(ykpiv_state *state) {
 }
 
 ykpiv_rc ykpiv_translate_sw(int sw) {
+  return ykpiv_translate_sw_ex(__FUNCTION__, sw);
+}
+
+ykpiv_rc ykpiv_translate_sw_ex(const char *whence, int sw) {
   switch(sw) {
     case SW_SUCCESS:
-      DBG2("SW_SUCCESS");
+      DBG2("%s: SW_SUCCESS", whence);
       return YKPIV_OK;
     case SW_ERR_SECURITY_STATUS:
-      DBG("SW_ERR_SECURITY_STATUS");
+      DBG("%s: SW_ERR_SECURITY_STATUS", whence);
       return YKPIV_AUTHENTICATION_ERROR;
     case SW_ERR_AUTH_BLOCKED:
-      DBG("SW_ERR_AUTH_BLOCKED");
+      DBG("%s: SW_ERR_AUTH_BLOCKED", whence);
       return YKPIV_PIN_LOCKED;
     case SW_ERR_INCORRECT_PARAM:
-      DBG("SW_ERR_INCORRECT_PARAM");
+      DBG("%s: SW_ERR_INCORRECT_PARAM", whence);
       return YKPIV_ARGUMENT_ERROR;
     case SW_ERR_FILE_NOT_FOUND:
-      DBG("SW_ERR_FILE_NOT_FOUND");
+      DBG("%s: SW_ERR_FILE_NOT_FOUND", whence);
       return YKPIV_INVALID_OBJECT;
     case SW_ERR_REFERENCE_NOT_FOUND:
-      DBG("SW_ERR_REFERENCE_NOT_FOUND");
+      DBG("%s: SW_ERR_REFERENCE_NOT_FOUND", whence);
       return YKPIV_KEY_ERROR;
     case SW_ERR_INCORRECT_SLOT:
-      DBG("SW_ERR_INCORRECT_SLOT");
+      DBG("%s: SW_ERR_INCORRECT_SLOT", whence);
       return YKPIV_KEY_ERROR;
     case SW_ERR_NOT_SUPPORTED:
-      DBG("SW_ERR_NOT_SUPPORTED");
+      DBG("%s: SW_ERR_NOT_SUPPORTED", whence);
       return YKPIV_NOT_SUPPORTED;
     case SW_ERR_CONDITIONS_OF_USE:
-      DBG("SW_ERR_CONDITIONS_OF_USE");
+      DBG("%s: SW_ERR_CONDITIONS_OF_USE", whence);
       return YKPIV_GENERIC_ERROR;
     default:
-      DBG("SW_%04x", sw);
+      DBG("%s: SW_%04x", whence, sw);
       return YKPIV_GENERIC_ERROR;
   }
 }
@@ -928,7 +932,7 @@ static ykpiv_rc _ykpiv_get_metadata(ykpiv_state *state, const unsigned char key,
     goto Cleanup;
   }
 
-  res = ykpiv_translate_sw(sw);
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
 
 Cleanup:
   return res;
@@ -998,7 +1002,7 @@ static ykpiv_rc _ykpiv_authenticate2(ykpiv_state *state, unsigned const char *ke
     if ((res = _ykpiv_send_apdu(state, &apdu, data, &recv_len, &sw)) != YKPIV_OK) {
       goto Cleanup;
     }
-    res = ykpiv_translate_sw(sw);
+    res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
     if (res != YKPIV_OK) {
       goto Cleanup;
     }
@@ -1046,7 +1050,7 @@ static ykpiv_rc _ykpiv_authenticate2(ykpiv_state *state, unsigned const char *ke
     if ((res = _ykpiv_send_apdu(state, &apdu, data, &recv_len, &sw)) != YKPIV_OK) {
       goto Cleanup;
     }
-    res = ykpiv_translate_sw(sw);
+    res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
     if (res != YKPIV_OK) {
       goto Cleanup;
     }
@@ -1144,7 +1148,7 @@ ykpiv_rc ykpiv_set_mgmkey3(ykpiv_state *state, const unsigned char *new_key, siz
   if ((res = _ykpiv_send_apdu(state, &apdu, data, &recv_len, &sw)) != YKPIV_OK) {
     goto Cleanup;
   }
-  res = ykpiv_translate_sw(sw);
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
   if (res == YKPIV_OK) {
     _cache_mgm_key(state, new_key, len);
     goto Cleanup;
@@ -1272,7 +1276,7 @@ static ykpiv_rc _general_authenticate(ykpiv_state *state,
   if((res = _ykpiv_transfer_data(state, templ, indata, (unsigned long)(dataptr - indata), data, &recv_len, &sw)) != YKPIV_OK) {
     return res;
   }
-  res = ykpiv_translate_sw(sw);
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
   if(res != YKPIV_OK) {
     DBG("Sign command failed");
     return res;
@@ -1362,7 +1366,7 @@ static ykpiv_rc _ykpiv_get_version(ykpiv_state *state) {
   if((res = _ykpiv_transfer_data(state, templ, NULL, 0, data, &recv_len, &sw)) != YKPIV_OK) {
     return res;
   }
-  res = ykpiv_translate_sw(sw);
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
   if(res == YKPIV_OK) {
 
     /* check that we received enough data for the verson number */
@@ -1423,7 +1427,7 @@ static ykpiv_rc _ykpiv_get_serial(ykpiv_state *state) {
     if ((res = _ykpiv_transfer_data(state, select_templ, yk_aid, sizeof(yk_aid), temp, &recv_len, &sw)) < YKPIV_OK) {
       goto Cleanup;
     }
-    res = ykpiv_translate_sw(sw);
+    res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
     if (res != YKPIV_OK) {
       DBG("Failed selecting yk application");
       goto Cleanup;
@@ -1436,7 +1440,7 @@ static ykpiv_rc _ykpiv_get_serial(ykpiv_state *state) {
     if ((res = _ykpiv_transfer_data(state, yk_get_serial_templ, NULL, 0, data, &recv_len, &sw)) < YKPIV_OK) {
       goto Cleanup;
     }
-    res = ykpiv_translate_sw(sw);
+    res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
     if (res != YKPIV_OK) {
       DBG("Failed retrieving serial number");
       goto Cleanup;
@@ -1447,7 +1451,7 @@ static ykpiv_rc _ykpiv_get_serial(ykpiv_state *state) {
     if((res = _ykpiv_transfer_data(state, select_templ, piv_aid, sizeof(piv_aid), temp, &recv_len, &sw)) < YKPIV_OK) {
       return res;
     }
-    res = ykpiv_translate_sw(sw);
+    res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
     if(res != YKPIV_OK) {
       DBG("Failed selecting piv application");
     }
@@ -1459,7 +1463,7 @@ static ykpiv_rc _ykpiv_get_serial(ykpiv_state *state) {
     if ((res = _ykpiv_transfer_data(state, yk5_get_serial_templ, NULL, 0, data, &recv_len, &sw)) != YKPIV_OK) {
       return res;
     }
-    res = ykpiv_translate_sw(sw);
+    res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
     if(res != YKPIV_OK) {
       DBG("Failed retrieving serial number");
     }
@@ -1599,7 +1603,7 @@ static ykpiv_rc _ykpiv_verify(ykpiv_state *state, char *pin, size_t *p_pin_len,
     state->tries = -1;
     return res;
   }
-  res = ykpiv_translate_sw(sw);
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
   if (res == YKPIV_OK) {
     if (!bio && pin && p_pin_len) {
       // Intentionally ignore errors.  If the PIN fails to save, it will only
@@ -1718,7 +1722,7 @@ ykpiv_rc ykpiv_set_pin_retries(ykpiv_state *state, int pin_tries, int puk_tries)
 
   res = _ykpiv_transfer_data(state, templ, NULL, 0, data, &recv_len, &sw);
   if (res == YKPIV_OK) {
-    res = ykpiv_translate_sw(sw);
+    res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
   }
 
 Cleanup:
@@ -1760,7 +1764,7 @@ static ykpiv_rc _ykpiv_change_pin(ykpiv_state *state, int action, const char * c
   if(res != YKPIV_OK) {
     return res;
   } 
-  res = ykpiv_translate_sw(sw); 
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw); 
   if(res != YKPIV_OK) {
     if((sw >> 8) == 0x63) {
       if (tries) *tries = sw & 0xf;
@@ -1847,7 +1851,7 @@ ykpiv_rc _ykpiv_fetch_object(ykpiv_state *state, int object_id,
       != YKPIV_OK) {
     return res;
   }
-  res = ykpiv_translate_sw(sw);
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
   if(res == YKPIV_OK) {
     size_t outlen = 0;
     size_t offs = _ykpiv_get_length(data + 1, data + *len, &outlen);    
@@ -1909,7 +1913,7 @@ ykpiv_rc _ykpiv_save_object(
     &sw)) != YKPIV_OK) {
     return res;
   }
-  return ykpiv_translate_sw(sw);
+  return ykpiv_translate_sw_ex(__FUNCTION__, sw);
 }
 
 ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, unsigned char algorithm,
@@ -2074,7 +2078,7 @@ ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, u
   if ((res = _ykpiv_transfer_data(state, templ, key_data, (unsigned long)(in_ptr - key_data), data, &recv_len, &sw)) != YKPIV_OK) {
     goto Cleanup;
   }
-  res = ykpiv_translate_sw(sw);
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
   if (res != YKPIV_OK) {
     goto Cleanup;
   }
@@ -2103,7 +2107,7 @@ ykpiv_rc ykpiv_attest(ykpiv_state *state, const unsigned char key, unsigned char
   if ((res = _ykpiv_transfer_data(state, templ, NULL, 0, data, &ul_data_len, &sw)) != YKPIV_OK) {
     goto Cleanup;
   }
-  res = ykpiv_translate_sw(sw);
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
   if (res != YKPIV_OK) {
     goto Cleanup;
   }
@@ -2178,7 +2182,7 @@ ykpiv_rc ykpiv_auth_getchallenge(ykpiv_state *state, ykpiv_metadata *metadata, u
   if ((res = _ykpiv_send_apdu(state, &apdu, data, &recv_len, &sw)) != YKPIV_OK) {
     goto Cleanup;
   }
-  res = ykpiv_translate_sw(sw);
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
   if (res != YKPIV_OK) {
     goto Cleanup;
   }
@@ -2228,7 +2232,7 @@ ykpiv_rc ykpiv_auth_verifyresponse(ykpiv_state *state, ykpiv_metadata *metadata,
   if ((res = _ykpiv_send_apdu(state, &apdu, data, &recv_len, &sw)) != YKPIV_OK) {
     goto Cleanup;
   }
-  res = ykpiv_translate_sw(sw);
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
   if (res != YKPIV_OK) {
     goto Cleanup;
   }
@@ -2282,7 +2286,7 @@ static ykpiv_rc _ykpiv_auth_deauthenticate(ykpiv_state *state) {
   if ((res = _ykpiv_transfer_data(state, templ, aid, aid_len, data, &recv_len, &sw)) < YKPIV_OK) {
     return res;
   }
-  res = ykpiv_translate_sw(sw);
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
   if (res != YKPIV_OK) {
     DBG("Failed selecting mgmt/yk application");
   }
@@ -2318,7 +2322,7 @@ ykpiv_rc ykpiv_move_key(ykpiv_state *state, const unsigned char from_slot, const
   if ((res = _ykpiv_transfer_data(state, adpu, NULL, 0, data, &recv_len, &sw)) != YKPIV_OK) {
     return res;
   }
-  res = ykpiv_translate_sw(sw);
+  res = ykpiv_translate_sw_ex(__FUNCTION__, sw);
   if (res != YKPIV_OK) {
     DBG("Failed to move key");
   } else {

diff --git a/lib/ykpiv.h b/lib/ykpiv.h
@@ -94,6 +94,7 @@ extern "C"
   ykpiv_rc ykpiv_list_readers(ykpiv_state *state, char *readers, size_t *len);
   ykpiv_rc ykpiv_disconnect(ykpiv_state *state);
   ykpiv_rc ykpiv_translate_sw(int sw);
+  ykpiv_rc ykpiv_translate_sw_ex(const char *whence, int sw);
   ykpiv_rc ykpiv_transfer_data(ykpiv_state *state, const unsigned char *templ,
                                const unsigned char *in_data, long in_len,
                                unsigned char *out_data, unsigned long *out_len, int *sw);

diff --git a/ykcs11/token.c b/ykcs11/token.c
@@ -449,7 +449,7 @@ CK_RV token_generate_key(ykpiv_state *state, gen_info_t *gen, CK_BYTE key, CK_BY
   if((res = ykpiv_transfer_data(state, templ, in_data, in_ptr - in_data, data, &recv_len, &sw)) != YKPIV_OK) {
     return yrc_to_rv(res);
   }
-  if((res = ykpiv_translate_sw(sw)) != YKPIV_OK) {
+  if((res = ykpiv_translate_sw_ex(__FUNCTION__, sw)) != YKPIV_OK) {
     return yrc_to_rv(res);
   }