fmt

Author: kornelski

security-framework-sys/src/access_control.rs

@@ -1,6 +1,6 @@
-use core_foundation_sys::base::{CFAllocatorRef, CFTypeRef, CFTypeID};
-use core_foundation_sys::error::CFErrorRef;
 use core_foundation_sys::base::CFOptionFlags;
+use core_foundation_sys::base::{CFAllocatorRef, CFTypeID, CFTypeRef};
+use core_foundation_sys::error::CFErrorRef;
 
 use crate::base::SecAccessControlRef;
 
@@ -27,6 +27,6 @@ extern "C" {
         allocator: CFAllocatorRef,
         protection: CFTypeRef,
         flags: CFOptionFlags,
-        error: *mut CFErrorRef
+        error: *mut CFErrorRef,
     ) -> SecAccessControlRef;
 }

security-framework-sys/src/item.rs

@@ -32,14 +32,13 @@ extern "C" {
     pub static kSecAttrKeyClassSymmetric: CFStringRef;
 
     pub static kSecUseKeychain: CFStringRef;
-    #[cfg(any(feature = "OSX_10_15", target_os="ios"))]
+    #[cfg(any(feature = "OSX_10_15", target_os = "ios"))]
     pub static kSecUseDataProtectionKeychain: CFStringRef;
-    #[cfg(any(feature = "OSX_10_12", target_os="ios"))]
+    #[cfg(any(feature = "OSX_10_12", target_os = "ios"))]
     pub static kSecAttrTokenID: CFStringRef;
-    #[cfg(any(feature = "OSX_10_12", target_os="ios"))]
+    #[cfg(any(feature = "OSX_10_12", target_os = "ios"))]
     pub static kSecAttrTokenIDSecureEnclave: CFStringRef;
 
-
     pub static kSecAttrKeySizeInBits: CFStringRef;
 
     pub static kSecAttrKeyTypeECSECPrimeRandom: CFStringRef;
@@ -58,7 +57,7 @@ extern "C" {
     pub static kSecAttrKeyTypeRC2: CFStringRef;
     #[cfg(target_os = "macos")]
     pub static kSecAttrKeyTypeCAST: CFStringRef;
-    #[cfg(any(feature = "OSX_10_9", target_os="ios"))]
+    #[cfg(any(feature = "OSX_10_9", target_os = "ios"))]
     pub static kSecAttrKeyTypeEC: CFStringRef;
 
     pub static kSecAttrAccessGroup: CFStringRef;

security-framework-sys/src/key.rs

@@ -14,10 +14,7 @@ extern "C" {
     pub fn SecKeyGetTypeID() -> CFTypeID;
 
     #[cfg(any(feature = "OSX_10_12", target_os = "ios"))]
-    pub fn SecKeyCreateRandomKey(
-        parameters: CFDictionaryRef,
-        error: *mut CFErrorRef,
-    ) -> SecKeyRef;
+    pub fn SecKeyCreateRandomKey(parameters: CFDictionaryRef, error: *mut CFErrorRef) -> SecKeyRef;
 
     #[cfg(target_os = "macos")]
     pub fn SecKeyCreateFromData(

security-framework-sys/src/policy.rs

@@ -1,6 +1,6 @@
-use core_foundation_sys::base::{Boolean, CFTypeID};
 #[cfg(any(feature = "OSX_10_9", target_os = "ios"))]
 use core_foundation_sys::base::CFOptionFlags;
+use core_foundation_sys::base::{Boolean, CFTypeID};
 use core_foundation_sys::string::CFStringRef;
 
 use crate::base::SecPolicyRef;

security-framework-sys/src/trust.rs

@@ -16,7 +16,6 @@ pub const kSecTrustResultRecoverableTrustFailure: SecTrustResultType = 5;
 pub const kSecTrustResultFatalTrustFailure: SecTrustResultType = 6;
 pub const kSecTrustResultOtherError: SecTrustResultType = 7;
 
-
 #[cfg(target_os = "macos")]
 mod flags {
     pub type SecTrustOptionFlags = u32;
@@ -25,9 +24,9 @@ mod flags {
     pub const kSecTrustOptionLeafIsCA: SecTrustOptionFlags = 0x0000_0002;
     pub const kSecTrustOptionFetchIssuerFromNet: SecTrustOptionFlags = 0x0000_0004;
     pub const kSecTrustOptionAllowExpiredRoot: SecTrustOptionFlags = 0x0000_0008;
-    pub const kSecTrustOptionRequireRevPerCert: SecTrustOptionFlags= 0x0000_0010;
-    pub const kSecTrustOptionUseTrustSettings: SecTrustOptionFlags= 0x0000_0020;
-    pub const kSecTrustOptionImplicitAnchors: SecTrustOptionFlags= 0x0000_0040;
+    pub const kSecTrustOptionRequireRevPerCert: SecTrustOptionFlags = 0x0000_0010;
+    pub const kSecTrustOptionUseTrustSettings: SecTrustOptionFlags = 0x0000_0020;
+    pub const kSecTrustOptionImplicitAnchors: SecTrustOptionFlags = 0x0000_0040;
 }
 
 #[cfg(target_os = "macos")]
@@ -73,6 +72,9 @@ extern "C" {
     #[cfg(any(feature = "OSX_10_9", target_os = "ios"))]
     pub fn SecTrustSetOCSPResponse(trust: SecTrustRef, responseData: CFTypeRef) -> OSStatus;
     #[cfg(any(feature = "OSX_10_14", target_os = "ios"))]
-    pub fn SecTrustSetSignedCertificateTimestamps(trust: SecTrustRef, sctArray: CFArrayRef) -> OSStatus;
+    pub fn SecTrustSetSignedCertificateTimestamps(
+        trust: SecTrustRef,
+        sctArray: CFArrayRef,
+    ) -> OSStatus;
     pub fn SecTrustCopyPublicKey(trust: SecTrustRef) -> SecKeyRef;
 }

security-framework/src/access_control.rs

@@ -11,23 +11,30 @@ declare_TCFType! {
     /// A type representing sec access control settings.
     SecAccessControl, SecAccessControlRef
 }
-impl_TCFType!(SecAccessControl, SecAccessControlRef, SecAccessControlGetTypeID);
+impl_TCFType!(
+    SecAccessControl,
+    SecAccessControlRef,
+    SecAccessControlGetTypeID
+);
 
 unsafe impl Sync for SecAccessControl {}
 unsafe impl Send for SecAccessControl {}
 
-
 impl SecAccessControl {
-
     /// Create `AccessControl` object from flags
     pub fn create_with_flags(flags: CFOptionFlags) -> Result<Self> {
-        unsafe { 
-            let access_control = SecAccessControlCreateWithFlags(kCFAllocatorDefault, null(), flags, ptr::null_mut());
+        unsafe {
+            let access_control = SecAccessControlCreateWithFlags(
+                kCFAllocatorDefault,
+                null(),
+                flags,
+                ptr::null_mut(),
+            );
             if access_control.is_null() {
                 Err(Error::from_code(errSecParam))
             } else {
                 Ok(Self::wrap_under_create_rule(access_control))
             }
         }
     }
-}
+}

security-framework/src/authorization.rs

@@ -7,16 +7,16 @@
 /// * `AuthorizationCopyRightsAsync`
 /// * Provide constants for well known item names
 use crate::base::{Error, Result};
+#[cfg(all(target_os = "macos", feature = "job-bless"))]
+use core_foundation::base::Boolean;
 use core_foundation::base::{CFTypeRef, TCFType};
 use core_foundation::bundle::CFBundleRef;
 use core_foundation::dictionary::{CFDictionary, CFDictionaryRef};
-use core_foundation::string::{CFString, CFStringRef};
 #[cfg(all(target_os = "macos", feature = "job-bless"))]
 use core_foundation::error::CFError;
 #[cfg(all(target_os = "macos", feature = "job-bless"))]
 use core_foundation::error::CFErrorRef;
-#[cfg(all(target_os = "macos", feature = "job-bless"))]
-use core_foundation::base::Boolean;
+use core_foundation::string::{CFString, CFStringRef};
 use security_framework_sys::authorization as sys;
 use security_framework_sys::base::errSecConversionError;
 use std::convert::TryFrom;
@@ -170,7 +170,8 @@ impl AuthorizationItemSetBuilder {
     /// Creates a new `AuthorizationItemSetStore`, which simplifies creating
     /// owned vectors of `AuthorizationItem`s.
     #[inline(always)]
-    #[must_use] pub fn new() -> AuthorizationItemSetBuilder {
+    #[must_use]
+    pub fn new() -> AuthorizationItemSetBuilder {
         Default::default()
     }
 
@@ -217,7 +218,8 @@ impl AuthorizationItemSetBuilder {
 
     /// Creates the `sys::AuthorizationItemSet`, and gives you ownership of the
     /// data it points to.
-    #[must_use] pub fn build(mut self) -> AuthorizationItemSetStorage {
+    #[must_use]
+    pub fn build(mut self) -> AuthorizationItemSetStorage {
         self.storage.items = self
             .storage
             .names
@@ -558,7 +560,6 @@ impl Authorization {
     /// Submits the executable for the given label as a `launchd` job.
     #[cfg(all(target_os = "macos", feature = "job-bless"))]
     pub fn job_bless(&self, label: &str) -> Result<(), CFError> {
-
         #[link(name = "ServiceManagement", kind = "framework")]
         extern "C" {
             static kSMDomainSystemLaunchd: CFStringRef;
@@ -577,7 +578,7 @@ impl Authorization {
                 kSMDomainSystemLaunchd,
                 CFString::new(label).as_concrete_TypeRef(),
                 self.handle,
-                &mut error
+                &mut error,
             );
             if !error.is_null() {
                 return Err(CFError::wrap_under_create_rule(error));

security-framework/src/certificate.rs

@@ -6,9 +6,9 @@ use core_foundation::data::CFData;
 use core_foundation::dictionary::CFMutableDictionary;
 use core_foundation::string::CFString;
 use core_foundation_sys::base::kCFAllocatorDefault;
-use security_framework_sys::base::{errSecParam, SecCertificateRef};
 #[cfg(target_os = "ios")]
-use security_framework_sys::base::{errSecSuccess, errSecNotTrusted};
+use security_framework_sys::base::{errSecNotTrusted, errSecSuccess};
+use security_framework_sys::base::{errSecParam, SecCertificateRef};
 use security_framework_sys::certificate::*;
 use security_framework_sys::keychain_item::SecItemDelete;
 use std::fmt;

security-framework/src/item.rs

@@ -11,7 +11,7 @@ use core_foundation::string::CFString;
 use core_foundation_sys::base::{CFCopyDescription, CFGetTypeID, CFRelease, CFTypeRef};
 use core_foundation_sys::string::CFStringRef;
 use security_framework_sys::item::*;
-use security_framework_sys::keychain_item::{SecItemCopyMatching, SecItemAdd};
+use security_framework_sys::keychain_item::{SecItemAdd, SecItemCopyMatching};
 use std::collections::HashMap;
 use std::fmt;
 use std::ptr;
@@ -31,31 +31,36 @@ pub struct ItemClass(CFStringRef);
 impl ItemClass {
     /// Look for `SecKeychainItem`s corresponding to generic passwords.
     #[inline(always)]
-    #[must_use] pub fn generic_password() -> Self {
+    #[must_use]
+    pub fn generic_password() -> Self {
         unsafe { Self(kSecClassGenericPassword) }
     }
 
     /// Look for `SecKeychainItem`s corresponding to internet passwords.
     #[inline(always)]
-    #[must_use] pub fn internet_password() -> Self {
+    #[must_use]
+    pub fn internet_password() -> Self {
         unsafe { Self(kSecClassInternetPassword) }
     }
 
     /// Look for `SecCertificate`s.
     #[inline(always)]
-    #[must_use] pub fn certificate() -> Self {
+    #[must_use]
+    pub fn certificate() -> Self {
         unsafe { Self(kSecClassCertificate) }
     }
 
     /// Look for `SecKey`s.
     #[inline(always)]
-    #[must_use] pub fn key() -> Self {
+    #[must_use]
+    pub fn key() -> Self {
         unsafe { Self(kSecClassKey) }
     }
 
     /// Look for `SecIdentity`s.
     #[inline(always)]
-    #[must_use] pub fn identity() -> Self {
+    #[must_use]
+    pub fn identity() -> Self {
         unsafe { Self(kSecClassIdentity) }
     }
 
@@ -152,7 +157,8 @@ impl crate::ItemSearchOptionsInternals for ItemSearchOptions {
 impl ItemSearchOptions {
     /// Creates a new builder with default options.
     #[inline(always)]
-    #[must_use] pub fn new() -> Self {
+    #[must_use]
+    pub fn new() -> Self {
         Self::default()
     }
 
@@ -234,8 +240,8 @@ impl ItemSearchOptions {
     }
 
     /// Search for a certificate with the given public key hash.
-    /// 
-    /// This is only compatible with [ItemClass::certificate], to search for 
+    ///
+    /// This is only compatible with [ItemClass::certificate], to search for
     /// a key by public key hash use [ItemSearchOptions::application_label]
     /// instead.
     #[inline(always)]
@@ -245,9 +251,9 @@ impl ItemSearchOptions {
     }
 
     /// Search for a key with the given public key hash.
-    /// 
-    /// This is only compatible with [ItemClass::key], to search for a 
-    /// certificate by the public key hash use [ItemSearchOptions::pub_key_hash] 
+    ///
+    /// This is only compatible with [ItemClass::key], to search for a
+    /// certificate by the public key hash use [ItemSearchOptions::pub_key_hash]
     /// instead.
     #[inline(always)]
     pub fn application_label(&mut self, app_label: &[u8]) -> &mut Self {
@@ -474,7 +480,8 @@ impl SearchResult {
     /// `HashMap<String, String>`. This transformation isn't
     /// comprehensive, it only supports `CFString`, `CFDate`, and `CFData`
     /// value types.
-    #[must_use] pub fn simplify_dict(&self) -> Option<HashMap<String, String>> {
+    #[must_use]
+    pub fn simplify_dict(&self) -> Option<HashMap<String, String>> {
         match *self {
             Self::Dict(ref d) => unsafe {
                 let mut retmap = HashMap::new();
@@ -544,25 +551,27 @@ impl ItemAddOptions {
             ItemAddValue::Data { class, .. } => Some(*class),
         };
         if let Some(class) = class_opt {
-            dict.add(&unsafe{kSecClass}.to_void(), &class.0.to_void());
+            dict.add(&unsafe { kSecClass }.to_void(), &class.0.to_void());
         }
 
-        let value_pair = match &self.value{
-            ItemAddValue::Ref(ref_) => (unsafe {kSecValueRef}.to_void(), ref_.ref_()),
-            ItemAddValue::Data { data, ..} => (unsafe {kSecValueData}.to_void(), data.to_void()),
+        let value_pair = match &self.value {
+            ItemAddValue::Ref(ref_) => (unsafe { kSecValueRef }.to_void(), ref_.ref_()),
+            ItemAddValue::Data { data, .. } => (unsafe { kSecValueData }.to_void(), data.to_void()),
         };
         dict.add(&value_pair.0, &value_pair.1);
 
-
         if let Some(location) = &self.location {
-            match location{
-                #[cfg(any(feature = "OSX_10_15", target_os="ios"))]
+            match location {
+                #[cfg(any(feature = "OSX_10_15", target_os = "ios"))]
                 Location::DataProtectionKeychain => {
-                    dict.add(&unsafe { kSecUseDataProtectionKeychain }.to_void(), &CFBoolean::true_value().to_void());
-                },
-                #[cfg(target_os="macos")]
-                Location::DefaultFileKeychain => {},
-                #[cfg(target_os="macos")]
+                    dict.add(
+                        &unsafe { kSecUseDataProtectionKeychain }.to_void(),
+                        &CFBoolean::true_value().to_void(),
+                    );
+                }
+                #[cfg(target_os = "macos")]
+                Location::DefaultFileKeychain => {}
+                #[cfg(target_os = "macos")]
                 Location::FileKeychain(keychain) => {
                     dict.add(&unsafe { kSecUseKeychain }.to_void(), &keychain.to_void());
                 },
@@ -571,7 +580,7 @@ impl ItemAddOptions {
 
         let label = self.label.as_deref().map(CFString::from);
         if let Some(label) = &label {
-            dict.add(&unsafe {kSecAttrLabel}.to_void(), &label.to_void());
+            dict.add(&unsafe { kSecAttrLabel }.to_void(), &label.to_void());
         }
 
         dict.to_immutable()
@@ -583,15 +592,14 @@ pub enum ItemAddValue {
     /// Pass item by Ref (kSecValueRef)
     Ref(AddRef),
     /// Pass item by Data (kSecValueData)
-    Data{
+    Data {
         /// The item class (kSecClass).
         class: ItemClass,
         /// The item data.
-        data: CFData
+        data: CFData,
     },
 }
 
-
 /// Type of Ref to add to the keychain.
 pub enum AddRef {
     /// SecKey
@@ -633,15 +641,15 @@ pub enum Location {
     /// This keychain requires the calling binary to be codesigned with
     /// entitlements for the KeychainAccessGroups it is supposed to
     /// access.
-    #[cfg(any(feature = "OSX_10_15", target_os="ios"))]
+    #[cfg(any(feature = "OSX_10_15", target_os = "ios"))]
     DataProtectionKeychain,
     /// Store the key in the default file-based keychain. On macOS, defaults to
     /// the Login keychain.
-    #[cfg(target_os="macos")]
+    #[cfg(target_os = "macos")]
     DefaultFileKeychain,
     /// Store the key in a specific file-based keychain.
-    #[cfg(target_os="macos")]
-    FileKeychain(crate::os::macos::keychain::SecKeychain)
+    #[cfg(target_os = "macos")]
+    FileKeychain(crate::os::macos::keychain::SecKeychain),
 }
 
 /// Translates to SecItemAdd. Use `ItemAddOptions` to build an `add_params`