cleaned up unwraps and expects

Goirad · Goirad · commit beb8ebc136bc · 2020-01-14T14:39:22.000-08:00
diff --git a/src/imp/openssl.rs b/src/imp/openssl.rs
@@ -171,12 +171,17 @@ impl Identity {
 
     pub fn from_pkcs8(buf: &[u8], key: &[u8]) -> Result<Identity, Error> {
         let pkey = PKey::private_key_from_pem(key)?;
-        let mut cert_chain = pem::PemBlock::new(buf).map(|buf| X509::from_pem(buf).unwrap());
+        let mut cert_chain = vec!();
+        for buf in pem::PemBlock::new(buf) {
+            cert_chain.push(X509::from_pem(buf)?);
+        }
+        let mut cert_chain = cert_chain.into_iter();
         let cert = cert_chain.next();
         let chain = cert_chain.collect();
         Ok(Identity {
             pkey,
-            cert: cert.expect("need identity cert"),
+            // an identity must have at least one certificate, the leaf cert
+            cert: cert.expect("at least one certificate must be provided to create an identity"),
             chain: chain,
         })
     }
diff --git a/src/imp/schannel.rs b/src/imp/schannel.rs
@@ -101,29 +101,27 @@ impl Identity {
     pub fn from_pkcs8(pem: &[u8], key: &[u8]) -> Result<Identity, Error> {
         let mut store = Memory::new()?.into_store();
         let mut cert_iter = crate::pem::PemBlock::new(pem).into_iter();
-        let leaf = cert_iter.next().unwrap();
-        let cert = CertContext::from_pem(std::str::from_utf8(leaf).unwrap()).unwrap();
+        let leaf = cert_iter.next().expect("at least one certificate must be provided to create an identity");
+        let cert = CertContext::from_pem(std::str::from_utf8(leaf).map_err(|_| io::Error::new(io::ErrorKind::InvalidInput, "leaf cert contains invalid utf8"))?)?;
 
         let mut options = AcquireOptions::new();
         options.container("schannel");
         let type_ = ProviderType::rsa_full();
 
         let mut container = match options.acquire(type_) {
             Ok(container) => container,
-            Err(_) => options.new_keyset(true).acquire(type_).unwrap(),
+            Err(_) => options.new_keyset(true).acquire(type_)?,
         };
-        let key = crate::pem::pem_to_der(key, Some(crate::pem::PEM_PRIVATE_KEY)).unwrap();
+        let key = crate::pem::pem_to_der(key, Some(crate::pem::PEM_PRIVATE_KEY)).expect("invalid PKCS8 key provided");
         container.import()
-            .import_pkcs8(&key)
-            .unwrap();
+            .import_pkcs8(&key)?;
 
         cert.set_key_prov_info()
             .container("schannel")
             .type_(type_)
             .keep_open(true)
             .key_spec(KeySpec::key_exchange())
-            .set()
-            .unwrap();
+            .set()?;
         let mut context = store.add_cert(&cert, CertAdd::Always)?;
 
         for int_cert in cert_iter {
diff --git a/src/imp/security_framework.rs b/src/imp/security_framework.rs
@@ -91,8 +91,7 @@ impl Identity {
         let dir = TempDir::new().unwrap();
         let keychain = keychain::CreateOptions::new()
                            .password("password")
-                           .create(dir.path().join("identity.keychain"))
-                           .unwrap();
+                           .create(dir.path().join("identity.keychain"))?;
 
         let mut items = SecItems::default();
 
