remove ERR_MSGs that are almost impossible
z4yx committed Oct 12, 2023
1 parent 958f1a8 commit df568ee
Showing 2 changed files with 1 addition and 24 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/tests.yml
@@ -391,7 +391,7 @@ jobs:
yubico-piv-tool -r "$RDID" -a set-mgm-key --key=F1F2F3F4F5F6F7F8F1F2F3F4F5F6F7F8F1F2F3F4F5F6F7F8 -n 010203040506070801020304050607080102030405060708
export PIV_EXT_AUTH_KEY=$PWD/test-via-pcsc/PIV_EXT_AUTH_KEY.txt
# opensc 0.22.0~0.23.0 has a bug on External Auth. See opensc commit: a0aef25c7f2ce0ec2c7e1014f959f0fe86ff0479
piv-tool -vvv --reader "$RDID" --admin A:9B:03 # External Auth
piv-tool --reader "$RDID" --admin A:9B:03 # External Auth
piv-tool --reader "$RDID" --admin M:9B:03 # Mutual Auth
## Key generation
PIVGenKeyCert() {
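--- a/applets/piv/piv.c
+++ b/applets/piv/piv.c
@@ -98,7 +98,6 @@ static int create_key(const char *path, key_usage_t usage, pin_policy_t pin_poli
 .pin_policy = pin_policy,
 .touch_policy = TOUCH_POLICY_NEVER}};
 if (ck_write_key(path, &key) < 0) {
-ERR_MSG("Create key %s failed\n", path);
 return -1;
 }
 return 0;
@@ -219,7 +218,6 @@ int piv_install(uint8_t reset) {
 .touch_policy = TOUCH_POLICY_NEVER}};
 memcpy(admin_key.data, DEFAULT_MGMT_KEY, 24);
 if (ck_write_key(CARD_ADMIN_KEY_PATH, &admin_key) < 0) {
-ERR_MSG("Write admin key failed\n");
 return -1;
 }
 uint8_t tmp = 0x01;
@@ -313,7 +311,6 @@ static int piv_get_large_data(const CAPDU *capdu, RAPDU *rapdu, const char *path
 
 int read = read_file(path, RDATA, 0, LE); // return first chunk
 if (read < 0) {
-ERR_MSG("read file %s error: %d\n", path, read);
 return -1;
 }
 LL = read;
@@ -373,7 +370,6 @@ static int piv_get_data(const CAPDU *capdu, RAPDU *rapdu) {
 if (path == NULL) EXCEPT(SW_FILE_NOT_FOUND);
 int size = get_file_size(path);
 if (size < 0) {
-ERR_MSG("read file size %s error: %d\n", path, size);
 return -1;
 }
 if (size == 0) EXCEPT(SW_FILE_NOT_FOUND);
@@ -389,12 +385,10 @@ static int piv_get_data_response(const CAPDU *capdu, RAPDU *rapdu) {
 
 int size = get_file_size(piv_do_path);
 if (size < 0) {
-ERR_MSG("read file size %s error: %d\n", piv_do_path, size);
 return -1;
 }
 int read = read_file(piv_do_path, RDATA, piv_do_read, LE);
 if (read < 0) {
-ERR_MSG("read file %s error: %d\n", piv_do_path, read);
 return -1;
 }
 DBG_MSG("continue to read file %s, expected: %d, read: %d\n", piv_do_path, LE, read);
@@ -517,7 +511,6 @@ static int piv_general_authenticate(const CAPDU *capdu, RAPDU *rapdu) {
 EXCEPT(SW_REFERENCE_DATA_NOT_FOUND);
 }
 if (ck_read_key_metadata(key_path, &key.meta) < 0) {
-ERR_MSG("Read metadata of %s failed\n", key_path);
 return -1;
 }
 DBG_KEY_META(&key.meta);
@@ -573,7 +566,6 @@ static int piv_general_authenticate(const CAPDU *capdu, RAPDU *rapdu) {
 EXCEPT(SW_WRONG_LENGTH);
 }
 if (ck_read_key(key_path, &key) < 0) {
-ERR_MSG("Read key failed\n");
 return -1;
 }
 DBG_KEY_META(&key.meta);
@@ -657,13 +649,11 @@ static int piv_general_authenticate(const CAPDU *capdu, RAPDU *rapdu) {
 auth_ctx[OFFSET_AUTH_STATE] = AUTH_STATE_EXTERNAL;
 
 if (ck_read_key(key_path, &key) < 0) {
-ERR_MSG("Read key failed\n");
 return -1;
 }
 DBG_KEY_META(&key.meta);
 
 if (tdes_enc(RDATA + 4, auth_ctx + OFFSET_AUTH_CHALLENGE, key.data) < 0) {
-ERR_MSG("TDEA failed\n");
 memzero(&key, sizeof(key));
 return -1;
 }
@@ -711,13 +701,11 @@ static int piv_general_authenticate(const CAPDU *capdu, RAPDU *rapdu) {
 LL = TDEA_BLOCK_SIZE + 4;
 
 if (ck_read_key(key_path, &key) < 0) {
-ERR_MSG("Read key failed\n");
 return -1;
 }
 DBG_KEY_META(&key.meta);
 
 if (tdes_enc(auth_ctx + OFFSET_AUTH_CHALLENGE, RDATA + 4, key.data) < 0) {
-ERR_MSG("TDEA failed\n");
 memzero(&key, sizeof(key));
 return -1;
 }
@@ -752,13 +740,11 @@ static int piv_general_authenticate(const CAPDU *capdu, RAPDU *rapdu) {
 LL = TDEA_BLOCK_SIZE + 4;
 
 if (ck_read_key(key_path, &key) < 0) {
-ERR_MSG("Read key failed\n");
 return -1;
 }
 DBG_KEY_META(&key.meta);
 
 if (tdes_enc(DATA + pos[IDX_CHALLENGE], RDATA + 4, key.data) < 0) {
-ERR_MSG("TDEA failed\n");
 memzero(&key, sizeof(key));
 return -1;
 }
@@ -785,7 +771,6 @@ static int piv_general_authenticate(const CAPDU *capdu, RAPDU *rapdu) {
 EXCEPT(SW_WRONG_DATA);
 }
 if (ck_read_key(key_path, &key) < 0) {
-ERR_MSG("Read key failed\n");
 return -1;
 }
 DBG_KEY_META(&key.meta);
@@ -838,7 +823,6 @@ static int piv_put_data(const CAPDU *capdu, RAPDU *rapdu) {
 DBG_MSG("write file %s, first chunk length %d\n", path, size);
 int rc = write_file(path, DATA + 5, 0, size, 1);
 if (rc < 0) {
-ERR_MSG("write file %s error: %d\n", path, rc);
 return -1;
 }
 if ((CLA & 0x10) != 0 && size < max_len) {
@@ -860,7 +844,6 @@ static int piv_put_data(const CAPDU *capdu, RAPDU *rapdu) {
 DBG_MSG("write file %s, continuous chunk length %d\n", piv_do_path, LC);
 int rc = append_file(piv_do_path, DATA, LC);
 if (rc < 0) {
-ERR_MSG("write file %s error: %d\n", piv_do_path, rc);
 return -1;
 }
 if ((CLA & 0x10) == 0) { // last chunk
@@ -889,15 +872,13 @@ static int piv_generate_asymmetric_key_pair(const CAPDU *capdu, RAPDU *rapdu) {
 const char *key_path = get_key_path(P2);
 ck_key_t key;
 if (ck_read_key(key_path, &key) < 0) {
-ERR_MSG("Fail to read key %s\n", key_path);
 return -1;
 }
 
 key.meta.type = algo_id_to_key_type(DATA[4]);
 if (key.meta.type == KEY_TYPE_PKC_END) EXCEPT(SW_WRONG_DATA);
 start_quick_blinking(0);
 if (ck_generate_key(&key) < 0) {
-ERR_MSG("Generate key %s failed\n", key_path);
 return -1;
 }
 int err = ck_parse_piv_policies(&key, &DATA[5], LC - 5);
@@ -907,7 +888,6 @@ static int piv_generate_asymmetric_key_pair(const CAPDU *capdu, RAPDU *rapdu) {
 EXCEPT(SW_WRONG_DATA);
 }
 if (ck_write_key(key_path, &key) < 0) {
-ERR_MSG("Write key %s failed\n", key_path);
 return -1;
 }
 DBG_MSG("Generate key %s successful\n", key_path);
@@ -955,7 +935,6 @@ static int piv_import_asymmetric_key(const CAPDU *capdu, RAPDU *rapdu) {
 }
 ck_key_t key;
 if (ck_read_key(key_path, &key) < 0) {
-ERR_MSG("Fail to read key %s\n", key_path);
 return -1;
 }
 
@@ -1044,7 +1023,6 @@ static int piv_get_metadata(const CAPDU *capdu, RAPDU *rapdu) {
 
 ck_key_t key;
 if (ck_read_key(key_path, &key) < 0) {
-ERR_MSG("Read key failed\n");
 return -1;
 }
 DBG_KEY_META(&key.meta);
@@ -1062,7 +1040,6 @@ static int piv_get_metadata(const CAPDU *capdu, RAPDU *rapdu) {
 RDATA[pos++] = 0x04; // Public
 int len = ck_encode_public_key(&key, &RDATA[pos], true);
 if (len < 0) {
-ERR_MSG("Encode public key failed\n");
 memzero(&key, sizeof(key));
 return -1;
 }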
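Review bot: In piv_generate_asymmetric_key_pair, the `ck_generate_key(&key) < 0` and `ck_write_key(key_path, &key) < 0` branches return -1 while the stack-allocated `key` may still hold freshly generated key material. The tdes_enc failure branches in piv_general_authenticate and the ck_encode_public_key failure branch in piv_get_metadata already wipe it first, so the same `memzero(&key, sizeof(key));` before `return -1;` would make these paths consistent. Whether the bare `ck_read_key(...) < 0` returns need the wipe as well depends on what ck_read_key leaves in the buffer on failure, which is not visible on this page. These function bodies start and end outside the hunks, so the success-path cleanup cannot be checked from here.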
