update secure-env dependency and add secure-env error message

Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
hyperledger · May 10, 2024 · 81a925b · 81a925b
1 parent e1ff8a9
commit 81a925b
Show file tree

Hide file tree

Showing 4 changed files with 62 additions and 64 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -33,9 +33,9 @@ ffi = ["dep:ffi-support", "logger"]
 jemalloc = ["dep:jemallocator"]
 logger = ["dep:env_logger", "dep:log", "askar-storage/log"]
 migration = ["askar-storage/migration"]
+mobile_secure_element = ["askar-crypto/p256_hardware"]
 pg_test = ["askar-storage/pg_test"]
 postgres = ["askar-storage/postgres"]
-mobile_secure_element = ["askar-crypto/p256_hardware"]
 sqlite = ["askar-storage/sqlite"]
 
 [dependencies]

diff --git a/askar-crypto/Cargo.toml b/askar-crypto/Cargo.toml
@@ -27,7 +27,7 @@ default = ["alloc", "any_key", "all_keys", "crypto_box"]
 ec_curves = ["elliptic-curve", "k256", "p256", "p384"]
 ed25519 = ["curve25519-dalek", "ed25519-dalek", "x25519-dalek"]
 getrandom = ["rand/getrandom"]
-p256_hardware = ["secure-env", "p256", "uuid", "getrandom"]
+p256_hardware = ["secure-env", "ec_curves", "uuid", "getrandom"]
 std = ["alloc", "serde/std", "serde-json-core/std", "std_rng", "uuid/std"]
 std_rng = ["getrandom", "rand/std", "rand/std_rng"]
 
@@ -101,7 +101,7 @@ p384 = { version = "0.13", default-features = false, features = [
     "ecdh",
 ], optional = true }
 rand = { version = "0.8", default-features = false }
-secure-env = { package = "animo-secure-env", version = "0.2", optional = true }
+secure-env = { package = "animo-secure-env", version = "0.3", optional = true }
 serde = { version = "1.0", default-features = false, features = ["derive"] }
 serde-json-core = { version = "0.5", default-features = false }
 sha2 = { version = "0.10", default-features = false }

diff --git a/askar-crypto/src/alg/p256_hardware.rs b/askar-crypto/src/alg/p256_hardware.rs
@@ -22,28 +22,33 @@ use secure_env::{
 
 impl From<SecureEnvError> for Error {
     fn from(err: SecureEnvError) -> Self {
-        let kind = match err {
-            SecureEnvError::UnableToGenerateKey(_) => ErrorKind::Invalid,
-            SecureEnvError::UnableToGetKeyPairById(_) => ErrorKind::Invalid,
-            SecureEnvError::UnableToCreateSignature(_) => ErrorKind::Invalid,
-            SecureEnvError::UnableToGetPublicKey(_) => ErrorKind::Invalid,
-            SecureEnvError::HardwareBackedKeysAreNotSupported(_) => ErrorKind::Custom,
+        let (kind, _msg) = match err {
+            SecureEnvError::UnableToGenerateKey(s) => (ErrorKind::Invalid, s),
+            SecureEnvError::UnableToGetKeyPairById(s) => (ErrorKind::Invalid, s),
+            SecureEnvError::UnableToCreateSignature(s) => (ErrorKind::Invalid, s),
+            SecureEnvError::UnableToGetPublicKey(s) => (ErrorKind::Invalid, s),
 
             #[cfg(target_os = "android")]
-            SecureEnvError::UnableToCreateJavaValue(_) => ErrorKind::Custom,
+            SecureEnvError::HardwareBackedKeysAreNotSupported(s) => (ErrorKind::Custom, s),
             #[cfg(target_os = "android")]
-            SecureEnvError::UnableToAttachJVMToThread(_) => ErrorKind::Custom,
+            SecureEnvError::UnableToCreateJavaValue(s) => (ErrorKind::Custom, s),
+            #[cfg(target_os = "android")]
+            SecureEnvError::UnableToAttachJVMToThread(s) => (ErrorKind::Custom, s),
         };
 
-        Self {
+        #[cfg(feature = "alloc")]
+        return Self::from_msg(kind, alloc::boxed::Box::leak(_msg.into_boxed_str()));
+        #[cfg(not(feature = "alloc"))]
+        return Self {
             kind,
             message: None,
+            #[cfg(feature = "std")]
             cause: None,
-        }
+        };
     }
 }
 
-/// A P-256 (secp256r1) public key and reference to secret key stored in hardware
+/// A P-256 (secp256r1) reference to a key pair stored in hardware
 #[derive(Debug)]
 pub struct P256HardwareKeyPair(P256HardwareKeyReference);