unwrap removals

Signed-off-by: Isaac Matthews <[email protected]>
keylime · Nov 14, 2023 · e1688ba · e1688ba
1 parent 3355c69
commit e1688ba
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 24 deletions.
diff --git a/keylime-agent/src/crypto.rs b/keylime-agent/src/crypto.rs
@@ -97,14 +97,9 @@ pub(crate) fn check_x509_key(
     // Id:RSA_PSS only added in rust-openssl from v0.10.59; remove this let and use Id::RSA_PSS after update
     // Id taken from https://boringssl.googlesource.com/boringssl/+/refs/heads/master/include/openssl/nid.h#4039
     let id_rsa_pss: Id = Id::from_raw(912);
-    match cert
-        .public_key()
-        .unwrap() //#[allow_ci]
-        .id()
-    {
+    match cert.public_key()?.id() {
         Id::RSA => {
-            let cert_n =
-                cert.public_key().unwrap().rsa().unwrap().n().to_vec(); //#[allow_ci]
+            let cert_n = cert.public_key()?.rsa()?.n().to_vec();
             let mut cert_n_str = format!("{:?}", cert_n);
             _ = cert_n_str.pop();
             _ = cert_n_str.remove(0);
@@ -115,8 +110,7 @@ pub(crate) fn check_x509_key(
             Ok(key_der_str.contains(&cert_n_str))
         }
         cert_id if cert_id == id_rsa_pss => {
-            let cert_n =
-                cert.public_key().unwrap().rsa().unwrap().n().to_vec(); //#[allow_ci]
+            let cert_n = cert.public_key()?.rsa()?.n().to_vec();
             let mut cert_n_str = format!("{:?}", cert_n);
             _ = cert_n_str.pop();
             _ = cert_n_str.remove(0);
@@ -127,13 +121,7 @@ pub(crate) fn check_x509_key(
             Ok(key_der_str.contains(&cert_n_str))
         }
         Id::EC => {
-            let cert_n = cert
-                .public_key()
-                .unwrap() //#[allow_ci]
-                .ec_key()
-                .unwrap() //#[allow_ci]
-                .public_key_to_der()
-                .unwrap(); //#[allow_ci]
+            let cert_n = cert.public_key()?.ec_key()?.public_key_to_der()?;
             let mut cert_n_str = format!("{:?}", cert_n);
             _ = cert_n_str.pop();
             _ = cert_n_str.remove(0);

diff --git a/keylime-agent/src/main.rs b/keylime-agent/src/main.rs
@@ -319,10 +319,12 @@ async fn main() -> Result<()> {
                     };
                     if crypto::check_x509_key(
                         &iakcert,
-                        iak.clone().unwrap().public, //#[allow_ci]
-                    )
-                    .unwrap(/*//#[allow_ci]*/)
-                    {
+                        iak.clone()
+                            .expect(
+                                "IAK could not be used in cert key check.",
+                            )
+                            .public,
+                    )? {
                         Some(iakcert)
                     } else {
                         error!("IAK template does not match certificate. Check template in configuration.");
@@ -352,10 +354,13 @@ async fn main() -> Result<()> {
                     };
                     if crypto::check_x509_key(
                         &idevcert,
-                        idevid.clone().unwrap().public, //#[allow_ci]
-                    )
-                    .unwrap(/*//#[allow_ci]*/)
-                    {
+                        idevid
+                            .clone()
+                            .expect(
+                                "IDevID could not be used in cert key check.",
+                            )
+                            .public,
+                    )? {
                         Some(idevcert)
                     } else {
                         error!("IDevID template does not match certificate. Check template in configuration.");