diff --git a/keylime-agent/src/common.rs b/keylime-agent/src/common.rs index 36f29216..a8aa56ba 100644 --- a/keylime-agent/src/common.rs +++ b/keylime-agent/src/common.rs @@ -155,8 +155,7 @@ impl TryFrom<&[u8]> for SymmKey { Ok(SymmKey { bytes: v.to_vec() }) } other => Err(format!( - "key length {} does not correspond to valid GCM cipher", - other + "key length {other} does not correspond to valid GCM cipher" )), } } diff --git a/keylime-agent/src/config.rs b/keylime-agent/src/config.rs index ca835568..4ae5a226 100644 --- a/keylime-agent/src/config.rs +++ b/keylime-agent/src/config.rs @@ -480,7 +480,7 @@ fn config_translate_keywords( let mut revocation_cert = config_get_file_path( &config.agent.revocation_cert, &keylime_dir, - &format!("secure/unzipped/{}", DEFAULT_REVOCATION_CERT), + &format!("secure/unzipped/{DEFAULT_REVOCATION_CERT}"), ); let tpm_ownerpassword = match config.agent.tpm_ownerpassword { diff --git a/keylime-agent/src/crypto.rs b/keylime-agent/src/crypto.rs index 42b658a7..13b6cd4b 100644 --- a/keylime-agent/src/crypto.rs +++ b/keylime-agent/src/crypto.rs @@ -30,8 +30,7 @@ use crate::{ // Read a X509 cert or cert chain and outputs the first certificate pub(crate) fn load_x509(input_cert_path: &Path) -> Result { - let contents = read_to_string(input_cert_path)?; - let mut cert_chain = X509::stack_from_pem(contents.as_bytes())?; + let mut cert_chain = load_x509_cert_chain(input_cert_path)?; if cert_chain.len() != 1 { return Err(Error::Other( @@ -44,6 +43,14 @@ pub(crate) fn load_x509(input_cert_path: &Path) -> Result { Ok(cert) } +pub(crate) fn load_x509_cert_chain( + input_cert_path: &Path, +) -> Result> { + let contents = read_to_string(input_cert_path)?; + + X509::stack_from_pem(contents.as_bytes()).map_err(Error::Crypto) +} + /// Write a X509 certificate to a file in PEM format pub(crate) fn write_x509(cert: &X509, file_path: &Path) -> Result<()> { let mut file = std::fs::File::create(file_path)?; @@ -125,8 +132,7 @@ pub(crate) fn pkey_pub_from_priv( PKey::from_rsa(rsa).map_err(Error::Crypto) } id => Err(Error::Other(format!( - "pkey_pub_from_priv not yet implemented for key type {:?}", - id + "pkey_pub_from_priv not yet implemented for key type {id:?}" ))), } } @@ -161,7 +167,7 @@ pub(crate) fn generate_x509(key: &PKey, uuid: &str) -> Result { pub(crate) fn generate_mtls_context( mtls_cert: &X509, key: &PKey, - keylime_ca_cert: X509, + keylime_ca_certs: Vec, ) -> Result { let mut ssl_context_builder = SslAcceptor::mozilla_intermediate(SslMethod::tls())?; @@ -170,7 +176,10 @@ pub(crate) fn generate_mtls_context( // Build verification cert store. let mut mtls_store_builder = X509StoreBuilder::new()?; - mtls_store_builder.add_cert(keylime_ca_cert)?; + for cert in keylime_ca_certs { + mtls_store_builder.add_cert(cert)?; + } + let mtls_store = mtls_store_builder.build(); ssl_context_builder.set_verify_cert_store(mtls_store); @@ -313,8 +322,7 @@ pub(crate) fn decrypt_aead(key: &[u8], data: &[u8]) -> Result> { AES_256_KEY_LEN => Cipher::aes_256_gcm(), other => { return Err(Error::Other(format!( - "key length {} does not correspond to valid GCM cipher", - other + "key length {other} does not correspond to valid GCM cipher" ))) } }; @@ -385,9 +393,8 @@ pub mod testing { AES_256_KEY_LEN => Cipher::aes_256_gcm(), other => { return Err(Error::Other(format!( - "key length {} does not correspond to valid GCM cipher", - other - ))) + "key length {other} does not correspond to valid GCM cipher" + ))) } }; if iv.len() != AES_BLOCK_SIZE { @@ -484,7 +491,7 @@ mod tests { .join("test-data") .join("test-rsa.pem"); - let (pub_key, priv_key) = rsa_import_pair(&rsa_key_path) + let (pub_key, priv_key) = rsa_import_pair(rsa_key_path) .expect("unable to import RSA key pair"); let plaintext = b"0123456789012345"; let ciphertext = rsa_oaep_encrypt(&pub_key, &plaintext[..]) diff --git a/keylime-agent/src/error.rs b/keylime-agent/src/error.rs index 2009114a..49214ff9 100644 --- a/keylime-agent/src/error.rs +++ b/keylime-agent/src/error.rs @@ -96,8 +96,7 @@ impl Error { match self { Error::Registrar { addr, code } => Ok(*code), other => Err(Error::Other(format!( - "cannot get http code for Error type {}", - other + "cannot get http code for Error type {other}" ))), } } @@ -106,8 +105,7 @@ impl Error { match self { Error::Execution(code, _) => Ok(code.to_owned()), other => Err(Error::Other(format!( - "cannot get execution status code for Error type {}", - other + "cannot get execution status code for Error type {other}" ))), } } @@ -116,8 +114,7 @@ impl Error { match self { Error::Execution(_, stderr) => Ok(stderr.to_owned()), other => Err(Error::Other(format!( - "cannot get stderr for Error type {}", - other + "cannot get stderr for Error type {other}" ))), } } @@ -139,7 +136,7 @@ impl From for Error { } else { None }; - let message = format!("{}", err); + let message = format!("{err}"); Error::Tss2 { err, kind, message } } diff --git a/keylime-agent/src/errors_handler.rs b/keylime-agent/src/errors_handler.rs index b567f7c9..fb1cbd88 100644 --- a/keylime-agent/src/errors_handler.rs +++ b/keylime-agent/src/errors_handler.rs @@ -20,8 +20,7 @@ pub(crate) async fn app_default(req: HttpRequest) -> impl Responder { http::Method::GET => { error = 400; message = format!( - "Not Implemented: Use /version or /{}/ interfaces", - API_VERSION + "Not Implemented: Use /version or /{API_VERSION}/ interfaces" ); response = HttpResponse::BadRequest() .json(JsonWrapper::error(error, &message)); @@ -29,7 +28,7 @@ pub(crate) async fn app_default(req: HttpRequest) -> impl Responder { http::Method::POST => { error = 400; message = - format!("Not Implemented: Use /{}/ interface", API_VERSION); + format!("Not Implemented: Use /{API_VERSION}/ interface"); response = HttpResponse::BadRequest() .json(JsonWrapper::error(error, &message)); } @@ -204,7 +203,7 @@ pub(crate) async fn version_not_supported( req: HttpRequest, version: web::Path, ) -> impl Responder { - let message = format!("API version not supported: {}", version); + let message = format!("API version not supported: {version}"); warn!("{} returning 400 response. {}", req.head().method, message); diff --git a/keylime-agent/src/keys_handler.rs b/keylime-agent/src/keys_handler.rs index 4424e721..55d04ce6 100644 --- a/keylime-agent/src/keys_handler.rs +++ b/keylime-agent/src/keys_handler.rs @@ -310,11 +310,11 @@ mod tests { App::new() .app_data(quotedata.clone()) .route( - &format!("/{}/keys/ukey", API_VERSION), + &format!("/{API_VERSION}/keys/ukey"), web::post().to(u_key), ) .route( - &format!("/{}/keys/vkey", API_VERSION), + &format!("/{API_VERSION}/keys/vkey"), web::post().to(v_key), ), ) @@ -374,7 +374,7 @@ mod tests { }; let req = test::TestRequest::post() - .uri(&format!("/{}/keys/ukey", API_VERSION,)) + .uri(&format!("/{API_VERSION}/keys/ukey")) .set_json(&ukey) .to_request(); @@ -389,7 +389,7 @@ mod tests { }; let req = test::TestRequest::post() - .uri(&format!("/{}/keys/vkey", API_VERSION,)) + .uri(&format!("/{API_VERSION}/keys/vkey")) .set_json(&vkey) .to_request(); @@ -438,13 +438,13 @@ mod tests { let quotedata = web::Data::new(QuoteData::fixture().unwrap()); //#[allow_ci] let mut app = test::init_service(App::new().app_data(quotedata.clone()).route( - &format!("/{}/keys/pubkey", API_VERSION), + &format!("/{API_VERSION}/keys/pubkey"), web::get().to(pubkey), )) .await; let req = test::TestRequest::get() - .uri(&format!("/{}/keys/pubkey", API_VERSION,)) + .uri(&format!("/{API_VERSION}/keys/pubkey")) .to_request(); let resp = test::call_service(&app, req).await; @@ -471,7 +471,7 @@ mod tests { let mut app = test::init_service(App::new().app_data(quotedata.clone()).route( - &format!("/{}/keys/verify", API_VERSION), + &format!("/{API_VERSION}/keys/verify"), web::get().to(verify), )) .await; @@ -479,10 +479,7 @@ mod tests { let challenge = "1234567890ABCDEFGHIJ"; let req = test::TestRequest::get() - .uri(&format!( - "/{}/keys/verify?challenge={}", - API_VERSION, challenge - )) + .uri(&format!("/{API_VERSION}/keys/verify?challenge={challenge}")) .to_request(); let resp = test::call_service(&app, req).await; @@ -490,7 +487,7 @@ mod tests { let result: JsonWrapper = test::read_body_json(resp).await; - let response_hmac = hex::decode(&result.results.hmac).unwrap(); //#[allow_ci] + let response_hmac = hex::decode(result.results.hmac).unwrap(); //#[allow_ci] // The expected result is an HMAC-SHA384 using: // key (hexadecimal): 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f diff --git a/keylime-agent/src/main.rs b/keylime-agent/src/main.rs index 1d6fdf44..1d5b4b8c 100644 --- a/keylime-agent/src/main.rs +++ b/keylime-agent/src/main.rs @@ -230,7 +230,7 @@ pub(crate) fn optional_unzip_payload( info!("Unzipping payload {} to {:?}", &zipped_payload, unzipped); - let mut source = fs::File::open(&zipped_payload_path)?; + let mut source = fs::File::open(zipped_payload_path)?; uncompress_archive(&mut source, unzipped, Ownership::Ignore)?; } @@ -479,8 +479,7 @@ async fn main() -> Result<()> { ctx.as_mut().tr_set_auth(Hierarchy::Endorsement.into(), auth) .map_err(|e| { Error::Configuration(format!( - "Failed to set TPM context password for Endorsement Hierarchy: {}", - e + "Failed to set TPM context password for Endorsement Hierarchy: {e}" )) })?; }; @@ -691,23 +690,24 @@ async fn main() -> Result<()> { ))); } - let keylime_ca_cert = match crypto::load_x509(&ca_cert_path) { - Ok(t) => Ok(t), - Err(e) => { - error!( - "Failed to load trusted CA certificate {}: {}", - ca_cert_path.display(), - e - ); - Err(e) - } - }?; + let keylime_ca_certs = + match crypto::load_x509_cert_chain(&ca_cert_path) { + Ok(t) => Ok(t), + Err(e) => { + error!( + "Failed to load trusted CA certificate {}: {}", + ca_cert_path.display(), + e + ); + Err(e) + } + }?; mtls_cert = Some(&cert); ssl_context = Some(crypto::generate_mtls_context( &cert, &nk_priv, - keylime_ca_cert, + keylime_ca_certs, )?); } else { mtls_cert = None; @@ -848,7 +848,7 @@ async fn main() -> Result<()> { .error_handler(errors_handler::path_parser_error), ) .service( - web::scope(&format!("/{}", API_VERSION)) + web::scope(&format!("/{API_VERSION}")) .service( web::scope("/keys") .service(web::resource("/pubkey").route( @@ -1007,7 +1007,7 @@ mod testing { .join("test-rsa.pem"); let (nk_pub, nk_priv) = - crypto::testing::rsa_import_pair(&rsa_key_path)?; + crypto::testing::rsa_import_pair(rsa_key_path)?; let mut encr_payload = Vec::new(); diff --git a/keylime-agent/src/notifications_handler.rs b/keylime-agent/src/notifications_handler.rs index 1d7e1a78..07467646 100644 --- a/keylime-agent/src/notifications_handler.rs +++ b/keylime-agent/src/notifications_handler.rs @@ -26,7 +26,7 @@ pub async fn revocation( Err(e) => { return HttpResponse::BadRequest().json(JsonWrapper::error( 400, - format!("JSON parsing error: {}", e), + format!("JSON parsing error: {e}"), )); } }; @@ -107,7 +107,7 @@ mod tests { let mut app = test::init_service(App::new().app_data(quotedata.clone()).route( - &format!("/{}/notifications/revocation", API_VERSION), + &format!("/{API_VERSION}/notifications/revocation"), web::post().to(revocation), )) .await; @@ -127,7 +127,7 @@ mod tests { }; let req = test::TestRequest::post() - .uri(&format!("/{}/notifications/revocation", API_VERSION,)) + .uri(&format!("/{API_VERSION}/notifications/revocation",)) .set_json(&revocation) .to_request(); diff --git a/keylime-agent/src/permissions.rs b/keylime-agent/src/permissions.rs index 86e3fae2..aa240d94 100644 --- a/keylime-agent/src/permissions.rs +++ b/keylime-agent/src/permissions.rs @@ -37,7 +37,7 @@ impl TryFrom<&str> for UserIds { let parts = value.split(':').collect::>(); if parts.len() != 2 { - let e = format!("Invalid parameter format: {} cannot be parsed as 'user:group'", value); + let e = format!("Invalid parameter format: {value} cannot be parsed as 'user:group'"); error!("{}", e); return Err(Error::Conversion(e)); } @@ -56,8 +56,7 @@ impl TryFrom<&str> for UserIds { unsafe { (*p) } } else { return Err(Error::Conversion(format!( - "Failed to convert {} to CString", - group + "Failed to convert {group} to CString" ))); }; @@ -72,8 +71,7 @@ impl TryFrom<&str> for UserIds { unsafe { (*p) } } else { return Err(Error::Conversion(format!( - "Failed to convert {} to CString", - user + "Failed to convert {user} to CString" ))); }; diff --git a/keylime-agent/src/quotes_handler.rs b/keylime-agent/src/quotes_handler.rs index 28dc0e4b..5f1d23e4 100644 --- a/keylime-agent/src/quotes_handler.rs +++ b/keylime-agent/src/quotes_handler.rs @@ -348,15 +348,14 @@ mod tests { let quotedata = web::Data::new(QuoteData::fixture().unwrap()); //#[allow_ci] let mut app = test::init_service(App::new().app_data(quotedata.clone()).route( - &format!("/{}/quotes/identity", API_VERSION), + &format!("/{API_VERSION}/quotes/identity"), web::get().to(identity), )) .await; let req = test::TestRequest::get() .uri(&format!( - "/{}/quotes/identity?nonce=1234567890ABCDEFHIJ", - API_VERSION, + "/{API_VERSION}/quotes/identity?nonce=1234567890ABCDEFHIJ", )) .to_request(); @@ -390,15 +389,14 @@ mod tests { let quotedata = web::Data::new(QuoteData::fixture().unwrap()); //#[allow_ci] let mut app = test::init_service(App::new().app_data(quotedata.clone()).route( - &format!("/{}/quotes/integrity", API_VERSION), + &format!("/{API_VERSION}/quotes/integrity"), web::get().to(integrity), )) .await; let req = test::TestRequest::get() .uri(&format!( - "/{}/quotes/integrity?nonce=1234567890ABCDEFHIJ&mask=0x408000&vmask=0x808000&partial=0", - API_VERSION, + "/{API_VERSION}/quotes/integrity?nonce=1234567890ABCDEFHIJ&mask=0x408000&vmask=0x808000&partial=0", )) .to_request(); @@ -437,7 +435,7 @@ mod tests { ) .expect("unable to verify quote"); } - Err(e) => panic!("Could not read IMA file: {}", e), //#[allow_ci] + Err(e) => panic!("Could not read IMA file: {e}"), //#[allow_ci] } } else { panic!("IMA file was None"); //#[allow_ci] @@ -449,15 +447,14 @@ mod tests { let quotedata = web::Data::new(QuoteData::fixture().unwrap()); //#[allow_ci] let mut app = test::init_service(App::new().app_data(quotedata.clone()).route( - &format!("/{}/quotes/integrity", API_VERSION), + &format!("/{API_VERSION}/quotes/integrity"), web::get().to(integrity), )) .await; let req = test::TestRequest::get() .uri(&format!( - "/{}/quotes/integrity?nonce=1234567890ABCDEFHIJ&mask=0x408000&vmask=0x808000&partial=1", - API_VERSION, + "/{API_VERSION}/quotes/integrity?nonce=1234567890ABCDEFHIJ&mask=0x408000&vmask=0x808000&partial=1", )) .to_request(); @@ -482,7 +479,7 @@ mod tests { ); assert!(result.results.quote.starts_with('r')); } - Err(e) => panic!("Could not read IMA file: {}", e), //#[allow_ci] + Err(e) => panic!("Could not read IMA file: {e}"), //#[allow_ci] } } else { panic!("IMA file was None"); //#[allow_ci] @@ -506,15 +503,14 @@ mod tests { let data = web::Data::new(quotedata); let mut app = test::init_service(App::new().app_data(data.clone()).route( - &format!("/{}/quotes/integrity", API_VERSION), + &format!("/{API_VERSION}/quotes/integrity"), web::get().to(integrity), )) .await; let req = test::TestRequest::get() .uri(&format!( - "/{}/quotes/integrity?nonce=1234567890ABCDEFHIJ&mask=0x408000&vmask=0x808000&partial=0", - API_VERSION, + "/{API_VERSION}/quotes/integrity?nonce=1234567890ABCDEFHIJ&mask=0x408000&vmask=0x808000&partial=0", )) .to_request(); diff --git a/keylime-agent/src/registrar_agent.rs b/keylime-agent/src/registrar_agent.rs index 1d4312f9..b69c820f 100644 --- a/keylime-agent/src/registrar_agent.rs +++ b/keylime-agent/src/registrar_agent.rs @@ -60,12 +60,11 @@ pub(crate) async fn do_activate_agent( let data = Activate { auth_tag }; #[cfg(test)] - let addr = format!("http://{}:{}", registrar_ip, registrar_port); + let addr = format!("http://{registrar_ip}:{registrar_port}"); #[cfg(not(test))] let addr = format!( - "http://{}:{}/{}/agents/{}", - registrar_ip, registrar_port, API_VERSION, agent_uuid + "http://{registrar_ip}:{registrar_port}/{API_VERSION}/agents/{agent_uuid}" ); info!( @@ -114,12 +113,11 @@ pub(crate) async fn do_register_agent( }; #[cfg(test)] - let addr = format!("http://{}:{}", registrar_ip, registrar_port); + let addr = format!("http://{registrar_ip}:{registrar_port}"); #[cfg(not(test))] let addr = format!( - "http://{}:{}/{}/agents/{}", - registrar_ip, registrar_port, API_VERSION, agent_uuid + "http://{registrar_ip}:{registrar_port}/{API_VERSION}/agents/{agent_uuid}" ); info!( diff --git a/keylime-agent/src/revocation.rs b/keylime-agent/src/revocation.rs index fa49cc7f..eb539633 100644 --- a/keylime-agent/src/revocation.rs +++ b/keylime-agent/src/revocation.rs @@ -61,7 +61,7 @@ fn lookup_action( { None => Err(Error::Io(std::io::Error::new( ErrorKind::NotFound, - format!("Could not find action {}", action), + format!("Could not find action {action}"), ))), Some((script, is_python, is_payload)) => { // If the script is python, add the shim to the command. It is expected to be @@ -210,8 +210,7 @@ pub(crate) fn run_revocation_actions( } Err(e) => { let msg = format!( - "error executing revocation script {}: {:?}", - action, e + "error executing revocation script {action}: {e:?}" ); error!("{}", msg); return Err(Error::Script( @@ -361,7 +360,7 @@ pub(crate) async fn run_revocation_service( )); }; - let endpoint = format!("tcp://{}:{}", ip, port); + let endpoint = format!("tcp://{ip}:{port}"); info!( "Connecting to revocation notification endpoint at {}...", diff --git a/keylime-agent/src/secure_mount.rs b/keylime-agent/src/secure_mount.rs index 81cafe54..d4668a89 100644 --- a/keylime-agent/src/secure_mount.rs +++ b/keylime-agent/src/secure_mount.rs @@ -89,8 +89,7 @@ pub(crate) fn mount(work_dir: &Path, secure_size: &str) -> Result { if !secure_dir_path.exists() { fs::create_dir(&secure_dir_path).map_err(|e| { Error::SecureMount(format!( - "unable to create secure dir path: {:?}", - e + "unable to create secure dir path: {e:?}" )) })?; info!("Directory {:?} created.", &secure_dir_path); @@ -110,16 +109,14 @@ pub(crate) fn mount(work_dir: &Path, secure_size: &str) -> Result { if !secure_dir_path.exists() { fs::create_dir(&secure_dir_path).map_err(|e| { Error::SecureMount(format!( - "unable to create secure dir path: {:?}", - e + "unable to create secure dir path: {e:?}" )) })?; info!("Directory {:?} created.", secure_dir_path); let metadata = fs::metadata(&secure_dir_path).map_err(|e| { Error::SecureMount(format!( - "unable to get metadata for secure dir path: {:?}", - e + "unable to get metadata for secure dir path: {e:?}" )) })?; metadata.permissions().set_mode(0o750); // decimal 488 @@ -136,7 +133,7 @@ pub(crate) fn mount(work_dir: &Path, secure_size: &str) -> Result { "-t", "tmpfs", "-o", - format!("size={},mode=0700", secure_size).as_str(), + format!("size={secure_size},mode=0700").as_str(), "tmpfs", secure_dir_path.to_str().unwrap(), //#[allow_ci] ]) @@ -152,8 +149,7 @@ pub(crate) fn mount(work_dir: &Path, secure_size: &str) -> Result { } Err(e) => { return Err(Error::SecureMount(format!( - "unable to mount tmpfs with secure dir: {}", - e + "unable to mount tmpfs with secure dir: {e}" ))); } } diff --git a/keylime-agent/src/serialization.rs b/keylime-agent/src/serialization.rs index 0712d952..33c17ae3 100644 --- a/keylime-agent/src/serialization.rs +++ b/keylime-agent/src/serialization.rs @@ -26,7 +26,7 @@ where D: serde::Deserializer<'de>, { String::deserialize(deserializer).and_then(|string| { - base64::decode(&string).map_err(serde::de::Error::custom) + base64::decode(string).map_err(serde::de::Error::custom) }) } diff --git a/keylime/src/algorithms.rs b/keylime/src/algorithms.rs index 2d0e4a06..c0774667 100644 --- a/keylime/src/algorithms.rs +++ b/keylime/src/algorithms.rs @@ -43,8 +43,7 @@ impl TryFrom<&str> for HashAlgorithm { "sha512" => Ok(HashAlgorithm::Sha512), "sm3_256" => Ok(HashAlgorithm::Sm3_256), _ => Err(AlgorithmError::Hash(format!( - "Hash algorithm {} is not supported by Keylime", - value + "Hash algorithm {value} is not supported by Keylime" ))), } } @@ -58,7 +57,7 @@ impl fmt::Display for HashAlgorithm { HashAlgorithm::Sha512 => "sha512", HashAlgorithm::Sm3_256 => "sm3_256", }; - write!(f, "{}", value) + write!(f, "{value}") } } @@ -109,8 +108,7 @@ impl TryFrom<&str> for EncryptionAlgorithm { "rsa" => Ok(EncryptionAlgorithm::Rsa), "ecc" => Ok(EncryptionAlgorithm::Ecc), _ => Err(AlgorithmError::Encrypt(format!( - "Encryption alogorithm {} not supported by Keylime", - value + "Encryption algorithm {value} not supported by Keylime" ))), } } @@ -122,7 +120,7 @@ impl fmt::Display for EncryptionAlgorithm { EncryptionAlgorithm::Rsa => "rsa", EncryptionAlgorithm::Ecc => "ecc", }; - write!(f, "{}", value) + write!(f, "{value}") } } @@ -176,8 +174,7 @@ impl TryFrom<&str> for SignAlgorithm { // "ecdaa" => Ok(SignAlgorithm::EcDaa), "ecschnorr" => Ok(SignAlgorithm::EcSchnorr), _ => Err(AlgorithmError::Sign(format!( - "Signing algorithm {} not supported by Keylime", - value + "Signing algorithm {value} not supported by Keylime" ))), } } @@ -192,7 +189,7 @@ impl fmt::Display for SignAlgorithm { // SignAlgorithm::ECDAA => "ecdaa", SignAlgorithm::EcSchnorr => "ecschnorr", }; - write!(f, "{}", value) + write!(f, "{value}") } } #[cfg(test)] diff --git a/keylime/src/ima/entry.rs b/keylime/src/ima/entry.rs index ebb4532d..1168b3c8 100644 --- a/keylime/src/ima/entry.rs +++ b/keylime/src/ima/entry.rs @@ -433,7 +433,7 @@ impl TryFrom<&str> for Entry { }), template => Err(Error::new( ErrorKind::Other, - format!("unrecognized template \"{}\"", template,), + format!("unrecognized template \"{template}\"",), )), } } diff --git a/keylime/src/tpm.rs b/keylime/src/tpm.rs index 24e0bcdf..d5883423 100644 --- a/keylime/src/tpm.rs +++ b/keylime/src/tpm.rs @@ -81,7 +81,7 @@ impl From for TpmError { } else { None }; - let message = format!("{}", err); + let message = format!("{err}"); TpmError::Tss2 { err, kind, message } } @@ -418,12 +418,11 @@ fn parse_cred_and_secret( let version = u32::from_be_bytes(keyblob[4..8].try_into().unwrap()); //#[allow_ci] if magic != TSS_MAGIC { - return Err(TpmError::Other(format!("Error parsing cred and secret; TSS_MAGIC number {} does not match expected value {}", magic, TSS_MAGIC))); + return Err(TpmError::Other(format!("Error parsing cred and secret; TSS_MAGIC number {magic} does not match expected value {TSS_MAGIC}"))); } if version != 1 { return Err(TpmError::Other(format!( - "Error parsing cred and secret; version {} is not 1", - version + "Error parsing cred and secret; version {version} is not 1" ))); } @@ -455,8 +454,7 @@ fn pubkey_to_tpm_digest( Id::RSA => pubkey.rsa()?.public_key_to_pem()?, other_id => { return Err(TpmError::Other(format!( - "Converting to digest value for key type {:?} is not yet implemented", - other_id + "Converting to digest value for key type {other_id:?} is not yet implemented" ))); } }; @@ -519,7 +517,7 @@ fn read_mask(mask: u32) -> Result> { 21 => PcrSlot::Slot21, 22 => PcrSlot::Slot22, 23 => PcrSlot::Slot23, - bit => return Err(TpmError::Other(format!("malformed mask in integrity quote: only pcrs 0-23 can be included, but mask included pcr {:?}", bit))), + bit => return Err(TpmError::Other(format!("malformed mask in integrity quote: only pcrs 0-23 can be included, but mask included pcr {bit:?}"))), }, ) } @@ -601,8 +599,7 @@ fn hash_alg_to_message_digest( HashingAlgorithm::Sha256 => Ok(MessageDigest::sha256()), HashingAlgorithm::Sha1 => Ok(MessageDigest::sha1()), other => Err(TpmError::Other(format!( - "Unsupported hashing algorithm: {:?}", - other + "Unsupported hashing algorithm: {other:?}" ))), } } @@ -924,7 +921,7 @@ fn quote_encode_decode() { .join("test-data") .join("test-quote.txt"); - let f = File::open("e_path).expect("unable to open test-quote.txt"); + let f = File::open(quote_path).expect("unable to open test-quote.txt"); let mut f = BufReader::new(f); let mut buf = String::new(); let _ = f.read_line(&mut buf).expect("unable to read quote");