Raise specialized WolfCryptApiError for failed API calls.

This exception takes the return value and converts that to
a human-readable string (if error string support is compiled in.)

The specialized exception is derived from WolfCryptError meaning
that existing users will not notice the difference except for the
nicer description.

Author: roberthdevries

wolfcrypt/__init__.py

@@ -46,15 +46,14 @@
 if top_level_py not in ["setup.py", "build_ffi.py"]:
     from wolfcrypt._ffi import ffi as _ffi
     from wolfcrypt._ffi import lib as _lib
-    from wolfcrypt.exceptions import WolfCryptError
+    from wolfcrypt.exceptions import WolfCryptApiError
 
     if hasattr(_lib, 'WC_RNG_SEED_CB_ENABLED'):
         if _lib.WC_RNG_SEED_CB_ENABLED:
             ret = _lib.wc_SetSeed_Cb(_ffi.addressof(_lib, "wc_GenerateSeed"))
             if ret < 0:
-                raise WolfCryptError("wc_SetSeed_Cb failed (%d)" % ret)
+                raise WolfCryptApiError("wc_SetSeed_Cb failed", ret)
     if _lib.FIPS_ENABLED and _lib.FIPS_VERSION >= 5:
         ret = _lib.wolfCrypt_SetPrivateKeyReadEnable_fips(1, _lib.WC_KEYTYPE_ALL)
         if ret < 0:
-            raise WolfCryptError("wolfCrypt_SetPrivateKeyReadEnable_fips failed"
-                " (%d)" % ret)
+            raise WolfCryptApiError("wolfCrypt_SetPrivateKeyReadEnable_fips failed", ret)

wolfcrypt/asn.py

@@ -24,7 +24,7 @@
 
 from wolfcrypt._ffi import ffi as _ffi
 from wolfcrypt._ffi import lib as _lib
-from wolfcrypt.exceptions import WolfCryptError
+from wolfcrypt.exceptions import WolfCryptError, WolfCryptApiError
 
 if _lib.SHA_ENABLED:
     from wolfcrypt.hashes import Sha
@@ -41,8 +41,7 @@ def pem_to_der(pem, pem_type):
         ret = _lib.wc_PemToDer(pem, len(pem), pem_type, der, _ffi.NULL,
                                _ffi.NULL, _ffi.NULL)
         if ret != 0:
-            err = "Error converting from PEM to DER. ({})".format(ret)
-            raise WolfCryptError(err)
+            raise WolfCryptApiError("Error converting from PEM to DER.", ret)
 
         try:
             result = _ffi.buffer(der[0][0].buffer, der[0][0].length)[:]
@@ -54,15 +53,13 @@ def der_to_pem(der, pem_type):
         pem_length = _lib.wc_DerToPemEx(der, len(der), _ffi.NULL, 0, _ffi.NULL,
                                         pem_type)
         if pem_length <= 0:
-            err = "Error getting required PEM buffer length. ({})".format(pem_length)
-            raise WolfCryptError(err)
+            raise WolfCryptApiError("Error getting required PEM buffer length.", pem_length)
 
         pem = _ffi.new("byte[%d]" % pem_length)
         pem_length = _lib.wc_DerToPemEx(der, len(der), pem, pem_length,
                                         _ffi.NULL, pem_type)
         if pem_length <= 0:
-            err = "Error converting from DER to PEM. ({})".format(pem_length)
-            raise WolfCryptError(err)
+            raise WolfCryptApiError("Error converting from DER to PEM.", pem_length)
 
         return _ffi.buffer(pem, pem_length)[:]
 
@@ -76,8 +73,7 @@ def hash_oid_from_class(hash_cls):
         elif _lib.SHA512_ENABLED and hash_cls == Sha512:
             return _lib.SHA512h
         else:
-            err = "Unknown hash class {}.".format(hash_cls.__name__)
-            raise WolfCryptError(err)
+            raise WolfCryptError(f"Unknown hash class {hash_cls.__name__}")
 
     def make_signature(data, hash_cls, key=None):
         hash_obj = hash_cls()
@@ -89,8 +85,7 @@ def make_signature(data, hash_cls, key=None):
         plaintext_len = _lib.wc_EncodeSignature(plaintext_sig, digest,
                                                 len(digest), hash_oid)
         if plaintext_len == 0:
-            err = "Error calling wc_EncodeSignature. ({})".format(plaintext_len)
-            raise WolfCryptError(err)
+            raise WolfCryptError(f"Error calling wc_EncodeSignature. ({plaintext_len})")
 
         plaintext_sig = _ffi.buffer(plaintext_sig, plaintext_len)[:]
         if key: