fmt

kornelski · Dec 18, 2024 · 085d32c · 085d32c
1 parent a240237
commit 085d32c
Show file tree

Hide file tree

Showing 31 changed files with 277 additions and 520 deletions.
diff --git a/iostest/tests/ios_macos.rs b/iostest/tests/ios_macos.rs
@@ -22,9 +22,7 @@ use serial_test::serial;
 #[test]
 #[serial]
 fn insert_then_find_generic() {
-    let service_key = format!("{}", unsafe {
-        CFString::wrap_under_get_rule(kSecAttrService)
-    });
+    let service_key = format!("{}", unsafe { CFString::wrap_under_get_rule(kSecAttrService) });
     let mut names = vec![];
     for _ in 0..4 {
         let name = generate_random_string();
@@ -48,7 +46,7 @@ fn insert_then_find_generic() {
                         found += 1;
                     }
                 }
-            }
+            },
             _ => panic!("Got a non-dictionary from a password search"),
         }
     }
@@ -63,16 +61,12 @@ fn insert_then_find_generic() {
 #[cfg(target_os = "macos")]
 fn insert_then_find_generic_legacy() {
     let keychain = SecKeychain::default().unwrap();
-    let service_key = format!("{}", unsafe {
-        CFString::wrap_under_get_rule(kSecAttrService)
-    });
+    let service_key = format!("{}", unsafe { CFString::wrap_under_get_rule(kSecAttrService) });
     // create 4 legacy and 4 modern generic passwords
     let mut legacy_names = vec![];
     for _ in 0..4 {
         let name = generate_random_string();
-        keychain
-            .set_generic_password(&name, &name, name.as_bytes())
-            .unwrap();
+        keychain.set_generic_password(&name, &name, name.as_bytes()).unwrap();
         legacy_names.push(name);
     }
     let mut modern_names = vec![];
@@ -99,7 +93,7 @@ fn insert_then_find_generic_legacy() {
                         found += 1;
                     }
                 }
-            }
+            },
             _ => panic!("Got a non-dictionary from a password search"),
         }
     }
@@ -121,12 +115,8 @@ fn insert_then_find_generic_legacy() {
 #[test]
 #[serial]
 fn find_leftover_test_generic_passwords() {
-    let service_key = format!("{}", unsafe {
-        CFString::wrap_under_get_rule(kSecAttrService)
-    });
-    let username_key = format!("{}", unsafe {
-        CFString::wrap_under_get_rule(kSecAttrAccount)
-    });
+    let service_key = format!("{}", unsafe { CFString::wrap_under_get_rule(kSecAttrService) });
+    let username_key = format!("{}", unsafe { CFString::wrap_under_get_rule(kSecAttrAccount) });
     let mut found: Vec<String> = vec![];
     let results = ItemSearchOptions::new()
         .class(ItemClass::generic_password())
@@ -148,7 +138,7 @@ fn find_leftover_test_generic_passwords() {
                         }
                     }
                 }
-            }
+            },
             _ => panic!("Got a non-dictionary from a password search"),
         }
     }

diff --git a/security-framework-sys/src/cms.rs b/security-framework-sys/src/cms.rs
@@ -28,7 +28,7 @@ pub enum CMSSignerStatus {
     kCMSSignerInvalidIndex = 5,
 }
 
-pub type CMSSignedAttributes  = u32;
+pub type CMSSignedAttributes = u32;
 pub const kCMSAttrNone: CMSSignedAttributes = 0x0000;
 pub const kCMSAttrSmimeCapabilities: CMSSignedAttributes = 0x0001;
 pub const kCMSAttrSmimeEncryptionKeyPrefs: CMSSignedAttributes = 0x0002;
@@ -111,15 +111,9 @@ extern "C" {
         content_type_out: *mut CFDataRef,
     ) -> OSStatus;
 
-    pub fn CMSDecoderCopyAllCerts(
-        decoder: CMSDecoderRef,
-        certs_out: *mut CFArrayRef,
-    ) -> OSStatus;
+    pub fn CMSDecoderCopyAllCerts(decoder: CMSDecoderRef, certs_out: *mut CFArrayRef) -> OSStatus;
 
-    pub fn CMSDecoderCopyContent(
-        decoder: CMSDecoderRef,
-        content_out: *mut CFDataRef,
-    ) -> OSStatus;
+    pub fn CMSDecoderCopyContent(decoder: CMSDecoderRef, content_out: *mut CFDataRef) -> OSStatus;
 
     pub fn CMSDecoderCopySignerSigningTime(
         decoder: CMSDecoderRef,
@@ -146,7 +140,6 @@ extern "C" {
         certificate_refs: *mut CFArrayRef,
     ) -> OSStatus;
 
-
     // CMS encoder
 
     pub static kCMSEncoderDigestAlgorithmSHA1: CFStringRef;
@@ -161,15 +154,9 @@ extern "C" {
         digest_alogrithm: CFStringRef,
     ) -> OSStatus;
 
-    pub fn CMSEncoderAddSigners(
-        encoder: CMSEncoderRef,
-        signer_or_array: CFTypeRef,
-    ) -> OSStatus;
+    pub fn CMSEncoderAddSigners(encoder: CMSEncoderRef, signer_or_array: CFTypeRef) -> OSStatus;
 
-    pub fn CMSEncoderCopySigners(
-        encoder: CMSEncoderRef,
-        signers_out: *mut CFArrayRef,
-    ) -> OSStatus;
+    pub fn CMSEncoderCopySigners(encoder: CMSEncoderRef, signers_out: *mut CFArrayRef) -> OSStatus;
 
     pub fn CMSEncoderAddRecipients(
         encoder: CMSEncoderRef,

diff --git a/security-framework-sys/src/item.rs b/security-framework-sys/src/item.rs
@@ -14,7 +14,7 @@ extern "C" {
     pub static kSecMatchTrustedOnly: CFStringRef;
     pub static kSecMatchCaseInsensitive: CFStringRef;
     #[cfg(target_os = "macos")]
-    pub static kSecMatchSubjectWholeString: CFStringRef; 
+    pub static kSecMatchSubjectWholeString: CFStringRef;
 
     pub static kSecReturnData: CFStringRef;
     pub static kSecReturnAttributes: CFStringRef;

diff --git a/security-framework/examples/client.rs b/security-framework/examples/client.rs
@@ -4,17 +4,9 @@ use std::net::TcpStream;
 
 fn main() {
     let stream = TcpStream::connect("google.com:443").unwrap();
-    let mut stream = ClientBuilder::new()
-        .handshake("google.com", stream)
-        .unwrap();
-    println!(
-        "negotiated chipher: {:?}",
-        stream.context().negotiated_cipher().unwrap()
-    );
-    println!(
-        "negotiated version: {:?}",
-        stream.context().negotiated_protocol_version().unwrap()
-    );
+    let mut stream = ClientBuilder::new().handshake("google.com", stream).unwrap();
+    println!("negotiated chipher: {:?}", stream.context().negotiated_cipher().unwrap());
+    println!("negotiated version: {:?}", stream.context().negotiated_protocol_version().unwrap());
 
     stream.write_all(b"GET / HTTP/1.0\r\n\r\n").unwrap();
     stream.flush().unwrap();

diff --git a/security-framework/src/access_control.rs b/security-framework/src/access_control.rs
@@ -2,18 +2,16 @@
 
 use std::ptr::{self, null};
 
+use crate::base::{Error, Result};
+use core_foundation::base::{kCFAllocatorDefault, CFOptionFlags, TCFType};
 use core_foundation::string::CFString;
-use core_foundation::base::{TCFType, CFOptionFlags, kCFAllocatorDefault};
 use security_framework_sys::access_control::{
-    SecAccessControlGetTypeID, SecAccessControlCreateWithFlags,
-    kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly,
-    kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
-    kSecAttrAccessibleWhenUnlocked,
-    kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly,
-    kSecAttrAccessibleAfterFirstUnlock
+    kSecAttrAccessibleAfterFirstUnlock, kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly,
+    kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly, kSecAttrAccessibleWhenUnlocked,
+    kSecAttrAccessibleWhenUnlockedThisDeviceOnly, SecAccessControlCreateWithFlags,
+    SecAccessControlGetTypeID,
 };
-use security_framework_sys::base::{SecAccessControlRef, errSecParam};
-use crate::base::{Error, Result};
+use security_framework_sys::base::{errSecParam, SecAccessControlRef};
 
 declare_TCFType! {
     /// A type representing sec access control settings.

diff --git a/security-framework/src/authorization.rs b/security-framework/src/authorization.rs
@@ -2,11 +2,9 @@
 
 /// # Potential improvements
 ///
-/// * When generic specialization stabilizes prevent copying from `CString`
-///   arguments.
+/// * When generic specialization stabilizes prevent copying from `CString` arguments.
 /// * `AuthorizationCopyRightsAsync`
 /// * Provide constants for well known item names
-
 use crate::base::{Error, Result};
 #[cfg(all(target_os = "macos", feature = "job-bless"))]
 use core_foundation::base::Boolean;
@@ -22,10 +20,10 @@ use security_framework_sys::authorization as sys;
 use security_framework_sys::base::errSecConversionError;
 use std::ffi::{CStr, CString};
 use std::fs::File;
+use std::marker::PhantomData;
 use std::mem::MaybeUninit;
 use std::os::raw::c_void;
 use std::ptr::addr_of;
-use std::marker::PhantomData;
 use sys::AuthorizationExternalForm;
 
 macro_rules! optional_str_to_cfref {
@@ -86,7 +84,8 @@ impl AuthorizationItem {
     ///
     /// If `name` isn't convertable to a `CString` it will return
     /// Err(errSecConversionError).
-    #[must_use] pub fn name(&self) -> &str {
+    #[must_use]
+    pub fn name(&self) -> &str {
         unsafe {
             CStr::from_ptr(self.0.name)
                 .to_str()
@@ -97,13 +96,13 @@ impl AuthorizationItem {
     /// The information pertaining to the name field. Do not rely on NULL
     /// termination of string data.
     #[inline]
-    #[must_use] pub fn value(&self) -> Option<&[u8]> {
+    #[must_use]
+    pub fn value(&self) -> Option<&[u8]> {
         if self.0.value.is_null() {
             return None;
         }
 
-        let value =
-            unsafe { std::slice::from_raw_parts(self.0.value as *const u8, self.0.valueLength) };
+        let value = unsafe { std::slice::from_raw_parts(self.0.value as *const u8, self.0.valueLength) };
 
         Some(value)
     }
@@ -441,7 +440,7 @@ impl Authorization {
             RightDefinition::FromExistingRight(def) => {
                 definition_cfstring = CFString::new(def);
                 definition_cfstring.as_CFTypeRef()
-            }
+            },
         };
 
         let status = unsafe {
@@ -478,14 +477,13 @@ impl Authorization {
             Some(tag) => {
                 tag_with_nul = cstring_or_err!(tag)?;
                 tag_with_nul.as_ptr()
-            }
+            },
             None => std::ptr::null(),
         };
 
         let mut inner = MaybeUninit::<*mut sys::AuthorizationItemSet>::uninit();
 
-        let status =
-            unsafe { sys::AuthorizationCopyInfo(self.handle, tag_ptr, inner.as_mut_ptr()) };
+        let status = unsafe { sys::AuthorizationCopyInfo(self.handle, tag_ptr, inner.as_mut_ptr()) };
 
         if status != sys::errAuthorizationSuccess {
             return Err(Error::from(status));
@@ -504,8 +502,7 @@ impl Authorization {
     pub fn make_external_form(&self) -> Result<sys::AuthorizationExternalForm> {
         let mut external_form = MaybeUninit::<sys::AuthorizationExternalForm>::uninit();
 
-        let status =
-            unsafe { sys::AuthorizationMakeExternalForm(self.handle, external_form.as_mut_ptr()) };
+        let status = unsafe { sys::AuthorizationMakeExternalForm(self.handle, external_form.as_mut_ptr()) };
 
         if status != sys::errAuthorizationSuccess {
             return Err(Error::from(status));

diff --git a/security-framework/src/certificate.rs b/security-framework/src/certificate.rs
@@ -53,8 +53,7 @@ impl SecCertificate {
     pub fn from_der(der_data: &[u8]) -> Result<Self> {
         let der_data = CFData::from_buffer(der_data);
         unsafe {
-            let certificate =
-                SecCertificateCreateWithData(kCFAllocatorDefault, der_data.as_concrete_TypeRef());
+            let certificate = SecCertificateCreateWithData(kCFAllocatorDefault, der_data.as_concrete_TypeRef());
             if certificate.is_null() {
                 Err(Error::from_code(errSecParam))
             } else {
@@ -73,7 +72,7 @@ impl SecCertificate {
     }
 
     /// Adds a certificate to a keychain.
-    #[cfg(target_os="macos")]
+    #[cfg(target_os = "macos")]
     pub fn add_to_keychain(&self, keychain: Option<SecKeychain>) -> Result<()> {
         let kch = match keychain {
             Some(kch) => kch,
@@ -154,8 +153,7 @@ impl SecCertificate {
     #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
     #[must_use]
     fn pk_to_der(&self, public_key: key::SecKey) -> Option<Vec<u8>> {
-        use security_framework_sys::item::kSecAttrKeyType;
-        use security_framework_sys::item::kSecAttrKeySizeInBits;
+        use security_framework_sys::item::{kSecAttrKeySizeInBits, kSecAttrKeyType};
 
         let public_key_attributes = public_key.attributes();
         let public_key_type = public_key_attributes
@@ -208,23 +206,18 @@ impl SecCertificate {
 
 #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
 fn get_asn1_header_bytes(pkt: CFString, ksz: u32) -> Option<&'static [u8]> {
-    use security_framework_sys::item::kSecAttrKeyTypeRSA;
-    use security_framework_sys::item::kSecAttrKeyTypeECSECPrimeRandom;
+    use security_framework_sys::item::{kSecAttrKeyTypeECSECPrimeRandom, kSecAttrKeyTypeRSA};
 
     if pkt == unsafe { CFString::wrap_under_get_rule(kSecAttrKeyTypeRSA) } && ksz == 2048 {
         return Some(&RSA_2048_ASN1_HEADER);
     }
     if pkt == unsafe { CFString::wrap_under_get_rule(kSecAttrKeyTypeRSA) } && ksz == 4096 {
         return Some(&RSA_4096_ASN1_HEADER);
     }
-    if pkt == unsafe { CFString::wrap_under_get_rule(kSecAttrKeyTypeECSECPrimeRandom) }
-        && ksz == 256
-    {
+    if pkt == unsafe { CFString::wrap_under_get_rule(kSecAttrKeyTypeECSECPrimeRandom) } && ksz == 256 {
         return Some(&EC_DSA_SECP_256_R1_ASN1_HEADER);
     }
-    if pkt == unsafe { CFString::wrap_under_get_rule(kSecAttrKeyTypeECSECPrimeRandom) }
-        && ksz == 384
-    {
+    if pkt == unsafe { CFString::wrap_under_get_rule(kSecAttrKeyTypeECSECPrimeRandom) } && ksz == 384 {
         return Some(&EC_DSA_SECP_384_R1_ASN1_HEADER);
     }
     None