idiomatic error handling #1
75
dtrfs_api/Cargo.lock
generated
75
dtrfs_api/Cargo.lock
generated
@ -36,7 +36,7 @@ dependencies = [
|
|||||||
"brotli",
|
"brotli",
|
||||||
"bytes",
|
"bytes",
|
||||||
"bytestring",
|
"bytestring",
|
||||||
"derive_more 0.99.18",
|
"derive_more",
|
||||||
"encoding_rs",
|
"encoding_rs",
|
||||||
"flate2",
|
"flate2",
|
||||||
"futures-core",
|
"futures-core",
|
||||||
@ -172,7 +172,7 @@ dependencies = [
|
|||||||
"bytestring",
|
"bytestring",
|
||||||
"cfg-if",
|
"cfg-if",
|
||||||
"cookie",
|
"cookie",
|
||||||
"derive_more 0.99.18",
|
"derive_more",
|
||||||
"encoding_rs",
|
"encoding_rs",
|
||||||
"futures-core",
|
"futures-core",
|
||||||
"futures-util",
|
"futures-util",
|
||||||
@ -488,15 +488,6 @@ version = "0.4.0"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "6245d59a3e82a7fc217c5828a6692dbc6dfb63a0c8c90495621f7b9d79704a0e"
|
checksum = "6245d59a3e82a7fc217c5828a6692dbc6dfb63a0c8c90495621f7b9d79704a0e"
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "convert_case"
|
|
||||||
version = "0.6.0"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "ec182b0ca2f35d8fc196cf3404988fd8b8c739a4d270ff118a398feb0cbec1ca"
|
|
||||||
dependencies = [
|
|
||||||
"unicode-segmentation",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "cookie"
|
name = "cookie"
|
||||||
version = "0.16.2"
|
version = "0.16.2"
|
||||||
@ -614,35 +605,13 @@ version = "0.99.18"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "5f33878137e4dafd7fa914ad4e259e18a4e8e532b9617a2d0150262bf53abfce"
|
checksum = "5f33878137e4dafd7fa914ad4e259e18a4e8e532b9617a2d0150262bf53abfce"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"convert_case 0.4.0",
|
"convert_case",
|
||||||
"proc-macro2",
|
"proc-macro2",
|
||||||
"quote",
|
"quote",
|
||||||
"rustc_version",
|
"rustc_version",
|
||||||
"syn",
|
"syn",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "derive_more"
|
|
||||||
version = "1.0.0"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "4a9b99b9cbbe49445b21764dc0625032a89b145a2642e67603e1c936f5458d05"
|
|
||||||
dependencies = [
|
|
||||||
"derive_more-impl",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "derive_more-impl"
|
|
||||||
version = "1.0.0"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "cb7330aeadfbe296029522e6c40f315320aba36fc43a5b3632f3795348f3bd22"
|
|
||||||
dependencies = [
|
|
||||||
"convert_case 0.6.0",
|
|
||||||
"proc-macro2",
|
|
||||||
"quote",
|
|
||||||
"syn",
|
|
||||||
"unicode-xid",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "digest"
|
name = "digest"
|
||||||
version = "0.10.7"
|
version = "0.10.7"
|
||||||
@ -694,7 +663,6 @@ dependencies = [
|
|||||||
"actix-web",
|
"actix-web",
|
||||||
"base64",
|
"base64",
|
||||||
"bincode",
|
"bincode",
|
||||||
"derive_more 1.0.0",
|
|
||||||
"ed25519-dalek",
|
"ed25519-dalek",
|
||||||
"lazy_static",
|
"lazy_static",
|
||||||
"regex",
|
"regex",
|
||||||
@ -703,6 +671,7 @@ dependencies = [
|
|||||||
"serde",
|
"serde",
|
||||||
"sev",
|
"sev",
|
||||||
"sha3",
|
"sha3",
|
||||||
|
"thiserror 2.0.10",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -1626,7 +1595,7 @@ checksum = "ba009ff324d1fc1b900bd1fdb31564febe58a8ccc8a6fdbb93b543d33b13ca43"
|
|||||||
dependencies = [
|
dependencies = [
|
||||||
"getrandom",
|
"getrandom",
|
||||||
"libredox",
|
"libredox",
|
||||||
"thiserror",
|
"thiserror 1.0.69",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -2051,7 +2020,16 @@ version = "1.0.69"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "b6aaf5339b578ea85b50e080feb250a3e8ae8cfcdff9a461c9ec2904bc923f52"
|
checksum = "b6aaf5339b578ea85b50e080feb250a3e8ae8cfcdff9a461c9ec2904bc923f52"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"thiserror-impl",
|
"thiserror-impl 1.0.69",
|
||||||
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "thiserror"
|
||||||
|
version = "2.0.10"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "a3ac7f54ca534db81081ef1c1e7f6ea8a3ef428d2fc069097c079443d24124d3"
|
||||||
|
dependencies = [
|
||||||
|
"thiserror-impl 2.0.10",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -2065,6 +2043,17 @@ dependencies = [
|
|||||||
"syn",
|
"syn",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "thiserror-impl"
|
||||||
|
version = "2.0.10"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "9e9465d30713b56a37ede7185763c3492a91be2f5fa68d958c44e41ab9248beb"
|
||||||
|
dependencies = [
|
||||||
|
"proc-macro2",
|
||||||
|
"quote",
|
||||||
|
"syn",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "time"
|
name = "time"
|
||||||
version = "0.3.36"
|
version = "0.3.36"
|
||||||
@ -2200,18 +2189,6 @@ version = "1.0.14"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "adb9e6ca4f869e1180728b7950e35922a7fc6397f7b641499e8f3ef06e50dc83"
|
checksum = "adb9e6ca4f869e1180728b7950e35922a7fc6397f7b641499e8f3ef06e50dc83"
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "unicode-segmentation"
|
|
||||||
version = "1.12.0"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "f6ccf251212114b54433ec949fd6a7841275f9ada20dddd2f29e9ceea4501493"
|
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "unicode-xid"
|
|
||||||
version = "0.2.6"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853"
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "untrusted"
|
name = "untrusted"
|
||||||
version = "0.9.0"
|
version = "0.9.0"
|
||||||
|
|||||||
@ -6,7 +6,7 @@ edition = "2021"
|
|||||||
[dependencies]
|
[dependencies]
|
||||||
base64 = "0.22.1"
|
base64 = "0.22.1"
|
||||||
bincode = "1.3.3"
|
bincode = "1.3.3"
|
||||||
derive_more = {version = "1.0.0", features = ["full"] }
|
thiserror = "2.0.10"
|
||||||
regex = "1.11.1"
|
regex = "1.11.1"
|
||||||
sev = { version = "4.0", default-features = false, features = ['crypto_nossl','snp'] }
|
sev = { version = "4.0", default-features = false, features = ['crypto_nossl','snp'] }
|
||||||
ed25519-dalek = { version = "2.1.1", features = ["pem", "pkcs8"] }
|
ed25519-dalek = { version = "2.1.1", features = ["pem", "pkcs8"] }
|
||||||
|
|||||||
@ -4,7 +4,7 @@ mod snp;
|
|||||||
use crate::os::OsError;
|
use crate::os::OsError;
|
||||||
use actix_web::{get, post, web, App, Error, HttpRequest, HttpResponse, HttpServer, ResponseError};
|
use actix_web::{get, post, web, App, Error, HttpRequest, HttpResponse, HttpServer, ResponseError};
|
||||||
use base64::prelude::{Engine, BASE64_URL_SAFE};
|
use base64::prelude::{Engine, BASE64_URL_SAFE};
|
||||||
use derive_more::derive::{Display, Error, From};
|
use thiserror::Error;
|
||||||
use ed25519_dalek::{pkcs8::DecodePublicKey, Signature, Verifier, VerifyingKey};
|
use ed25519_dalek::{pkcs8::DecodePublicKey, Signature, Verifier, VerifyingKey};
|
||||||
use lazy_static::lazy_static;
|
use lazy_static::lazy_static;
|
||||||
use regex::Regex;
|
use regex::Regex;
|
||||||
@ -17,26 +17,26 @@ use std::{
|
|||||||
io::{BufReader, Read},
|
io::{BufReader, Read},
|
||||||
};
|
};
|
||||||
|
|
||||||
#[derive(Debug, Display, From, Error)]
|
#[derive(Debug, Error)]
|
||||||
pub enum DtrfsError {
|
pub enum DtrfsError {
|
||||||
#[display("OS error: {_0}")]
|
#[error("OS error: {0}")]
|
||||||
OsError(#[from] OsError),
|
OsError(#[from] OsError),
|
||||||
#[display("SNP error: {_0}")]
|
#[error("SNP error: {0}")]
|
||||||
SnpError(#[from] snp::SNPError),
|
SnpError(#[from] snp::SNPError),
|
||||||
#[display("Could not find admin key in cmdline")]
|
#[error("Could not find admin key in cmdline")]
|
||||||
AdminKeyNotFound,
|
AdminKeyNotFound,
|
||||||
#[display("Could not parse verifying key: {_0}")]
|
#[error("Could not parse verifying key: {0}")]
|
||||||
VerifyingKeyParsingError(ed25519_dalek::pkcs8::spki::Error),
|
VerifyingKeyParsingError(#[from] ed25519_dalek::pkcs8::spki::Error),
|
||||||
#[display("Could not get signature from request")]
|
#[error("Could not get signature from request")]
|
||||||
SignatureNotFound,
|
SignatureNotFound,
|
||||||
#[display("Base64 decoding error: {_0}")]
|
#[error("Base64 decoding error: {0}")]
|
||||||
Base64Error(base64::DecodeError),
|
Base64Error(#[from] base64::DecodeError),
|
||||||
#[display("IO error: {_0}")]
|
#[error("IO error: {0}")]
|
||||||
IoError(#[from] std::io::Error),
|
IoError(#[from] std::io::Error),
|
||||||
#[display("Error slicing into bytes: {_0}")]
|
#[error("Error slicing into bytes: {0}")]
|
||||||
SliceError(std::array::TryFromSliceError),
|
SliceError(#[from] std::array::TryFromSliceError),
|
||||||
#[display("Error verifying signature: {_0}")]
|
#[error("Error verifying signature: {0}")]
|
||||||
|
|
|||||||
SignatureVerificationError(ed25519_dalek::SignatureError),
|
SignatureVerificationError(#[from] ed25519_dalek::SignatureError),
|
||||||
}
|
}
|
||||||
|
|
||||||
impl ResponseError for DtrfsError {
|
impl ResponseError for DtrfsError {
|
||||||
|
|||||||
@ -3,7 +3,7 @@ use base64::{
|
|||||||
prelude::{Engine, BASE64_URL_SAFE},
|
prelude::{Engine, BASE64_URL_SAFE},
|
||||||
DecodeError,
|
DecodeError,
|
||||||
};
|
};
|
||||||
use derive_more::{Display, Error, From};
|
use thiserror::Error;
|
||||||
use std::{
|
use std::{
|
||||||
fs::File,
|
fs::File,
|
||||||
io::{self, BufRead, BufReader, Write},
|
io::{self, BufRead, BufReader, Write},
|
||||||
@ -12,31 +12,31 @@ use std::{
|
|||||||
string::FromUtf8Error,
|
string::FromUtf8Error,
|
||||||
};
|
};
|
||||||
|
|
||||||
#[derive(Debug, Display, Error, From)]
|
#[derive(Debug, Error)]
|
||||||
pub enum OsError {
|
pub enum OsError {
|
||||||
#[display(
|
#[error(
|
||||||
"OS installation script failed.\nScript stdout:\n{stdout}\nScript stderr:\n{stderr}"
|
"OS installation script failed.\nScript stdout:\n{stdout}\nScript stderr:\n{stderr}"
|
||||||
)]
|
)]
|
||||||
InstallationFailed { stdout: String, stderr: String },
|
InstallationFailed { stdout: String, stderr: String },
|
||||||
#[display("Could not decrypt disk.")]
|
#[error("Could not decrypt disk.")]
|
||||||
DecryptionFailed,
|
DecryptionFailed,
|
||||||
#[display("Could not mount /dev/mapper/root to /mnt")]
|
#[error("Could not mount /dev/mapper/root to /mnt")]
|
||||||
MountFailed,
|
MountFailed,
|
||||||
#[display("Could not try hot keyfile: {_0}")]
|
#[error("Could not try hot keyfile: {0}")]
|
||||||
TryHotKeyfileFailed(#[from] SNPError),
|
TryHotKeyfileFailed(#[from] SNPError),
|
||||||
#[display("Could not replace hot keyfile using SNP KDF.")]
|
#[error("Could not replace hot keyfile using SNP KDF.")]
|
||||||
ReplaceHotKeyfileFailed,
|
ReplaceHotKeyfileFailed,
|
||||||
#[display("Operating system not mounted. Please install OS or decrypt existing OS.")]
|
#[error("Operating system not mounted. Please install OS or decrypt existing OS.")]
|
||||||
OsNotMounted,
|
OsNotMounted,
|
||||||
#[display("Supplied key is expected to have at least two words.")]
|
#[error("Supplied key is expected to have at least two words.")]
|
||||||
InvalidSshKey,
|
InvalidSshKey,
|
||||||
#[display("authorized_keys already contains {err}")]
|
#[error("authorized_keys already contains {err}")]
|
||||||
SshKeyAlreadyExists { err: String },
|
SshKeyAlreadyExists { err: String },
|
||||||
#[display("I/O error: {_0}")]
|
#[error("I/O error: {0}")]
|
||||||
IoError(#[from] io::Error),
|
IoError(#[from] io::Error),
|
||||||
#[display("Base64 decoding error: {_0}")]
|
#[error("Base64 decoding error: {0}")]
|
||||||
Base64Error(#[from] DecodeError),
|
Base64Error(#[from] DecodeError),
|
||||||
#[display("UTF-8 conversion error: {_0}")]
|
#[error("UTF-8 conversion error: {0}")]
|
||||||
Utf8Error(#[from] FromUtf8Error),
|
Utf8Error(#[from] FromUtf8Error),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -1,17 +1,17 @@
|
|||||||
use base64::prelude::{Engine, BASE64_URL_SAFE};
|
use base64::prelude::{Engine, BASE64_URL_SAFE};
|
||||||
use derive_more::{Display, Error, From};
|
use thiserror::Error;
|
||||||
use sev::error::UserApiError;
|
use sev::error::UserApiError;
|
||||||
use sev::firmware::guest::{AttestationReport, DerivedKey, Firmware, GuestFieldSelect};
|
use sev::firmware::guest::{AttestationReport, DerivedKey, Firmware, GuestFieldSelect};
|
||||||
|
|
||||||
#[derive(Debug, Display, From, Error)]
|
#[derive(Debug, Error)]
|
||||||
ghe0
commented
I don't see mention of I don't see mention of `/dev/sev-guest` anywhere. I believe it is important to mention this file if the firmware fails to open.
|
|||||||
pub enum SNPError {
|
pub enum SNPError {
|
||||||
#[display("Could not parse the derived key: {_0}")]
|
#[error("Could not parse the derived key: {0}")]
|
||||||
KeyParsingError(#[from] std::num::ParseIntError),
|
KeyParsingError(#[from] std::num::ParseIntError),
|
||||||
#[display("authorized_keys already contains: {_0}")]
|
#[error("authorized_keys already contains: {0}")]
|
||||||
UserApiError(#[from] UserApiError),
|
UserApiError(#[from] UserApiError),
|
||||||
#[display("I/O error: {_0}")]
|
#[error("I/O error: {0}")]
|
||||||
FirmwareIOError(#[from] std::io::Error),
|
FirmwareIOError(#[from] std::io::Error),
|
||||||
#[display("bincode Base64 decoding error: {_0}")]
|
#[error("bincode Base64 decoding error: {0}")]
|
||||||
Base64Error(#[from] bincode::Error),
|
Base64Error(#[from] bincode::Error),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user
I see this error message got removed. In case dtrfs fails now, what error will be displayed in the console of the VM?
If someone runs this code to troubleshoot potential issues or to expand functionality, will that person receive an error informing about the missing certificate?