diff options
| author | Jesse Luehrs <doy@tozt.net> | 2021-10-27 00:13:48 -0400 |
|---|---|---|
| committer | Jesse Luehrs <doy@tozt.net> | 2021-10-27 00:47:03 -0400 |
| commit | 887b998b34de347ee4b8015ba9123b1274e4c349 (patch) | |
| tree | 9891be7d2618087391856a8c530a72e33e9fd7ca | |
| parent | ca14e569f7b5bfc929646a9e13028ba8bc534b47 (diff) | |
| download | rbw-887b998b34de347ee4b8015ba9123b1274e4c349.tar.gz rbw-887b998b34de347ee4b8015ba9123b1274e4c349.zip | |
clippy
| -rw-r--r-- | src/api.rs | 2 | ||||
| -rw-r--r-- | src/bin/rbw-agent/actions.rs | 15 | ||||
| -rw-r--r-- | src/bin/rbw-agent/agent.rs | 4 | ||||
| -rw-r--r-- | src/bin/rbw/commands.rs | 40 | ||||
| -rw-r--r-- | src/bin/rbw/main.rs | 20 | ||||
| -rw-r--r-- | src/cipherstring.rs | 115 | ||||
| -rw-r--r-- | src/lib.rs | 1 | ||||
| -rw-r--r-- | src/locked.rs | 2 |
8 files changed, 97 insertions, 102 deletions
@@ -708,7 +708,7 @@ impl Client { password: password.clone(), totp: totp.clone(), uris, - }) + }); } crate::db::EntryData::Card { cardholder_name, diff --git a/src/bin/rbw-agent/actions.rs b/src/bin/rbw-agent/actions.rs index 4f4096e..77ff178 100644 --- a/src/bin/rbw-agent/actions.rs +++ b/src/bin/rbw-agent/actions.rs @@ -145,13 +145,8 @@ async fn two_factor( .context("failed to read code from pinentry")?; let code = std::str::from_utf8(code.password()) .context("code was not valid utf8")?; - match rbw::actions::login( - &email, - &password, - Some(code), - Some(provider), - ) - .await + match rbw::actions::login(email, password, Some(code), Some(provider)) + .await { Ok(( access_token, @@ -430,7 +425,7 @@ pub async fn decrypt( .context("failed to parse encrypted secret")?; let plaintext = String::from_utf8( cipherstring - .decrypt_symmetric(&keys) + .decrypt_symmetric(keys) .context("failed to decrypt encrypted secret")?, ) .context("failed to parse decrypted secret")?; @@ -512,7 +507,7 @@ async fn config_email() -> anyhow::Result<String> { async fn load_db() -> anyhow::Result<rbw::db::Db> { let config = rbw::config::Config::load_async().await?; if let Some(email) = &config.email { - rbw::db::Db::load_async(&config.server_name(), &email) + rbw::db::Db::load_async(&config.server_name(), email) .await .map_err(anyhow::Error::new) } else { @@ -523,7 +518,7 @@ async fn load_db() -> anyhow::Result<rbw::db::Db> { async fn save_db(db: &rbw::db::Db) -> anyhow::Result<()> { let config = rbw::config::Config::load_async().await?; if let Some(email) = &config.email { - db.save_async(&config.server_name(), &email) + db.save_async(&config.server_name(), email) .await .map_err(anyhow::Error::new) } else { diff --git a/src/bin/rbw-agent/agent.rs b/src/bin/rbw-agent/agent.rs index 760a1fc..8db8a59 100644 --- a/src/bin/rbw-agent/agent.rs +++ b/src/bin/rbw-agent/agent.rs @@ -167,7 +167,7 @@ async fn handle_request( crate::actions::decrypt( sock, state.clone(), - &cipherstring, + cipherstring, org_id.as_deref(), ) .await?; @@ -177,7 +177,7 @@ async fn handle_request( crate::actions::encrypt( sock, state.clone(), - &plaintext, + plaintext, org_id.as_deref(), ) .await?; diff --git a/src/bin/rbw/commands.rs b/src/bin/rbw/commands.rs index c1f9291..db385a8 100644 --- a/src/bin/rbw/commands.rs +++ b/src/bin/rbw/commands.rs @@ -642,7 +642,7 @@ pub fn add( let mut folder_id = None; if let Some(folder_name) = folder { let (new_access_token, folders) = - rbw::actions::list_folders(&access_token, &refresh_token)?; + rbw::actions::list_folders(&access_token, refresh_token)?; if let Some(new_access_token) = new_access_token { access_token = new_access_token.clone(); db.access_token = Some(new_access_token); @@ -663,7 +663,7 @@ pub fn add( if folder_id.is_none() { let (new_access_token, id) = rbw::actions::create_folder( &access_token, - &refresh_token, + refresh_token, &crate::actions::encrypt(folder_name, None)?, )?; if let Some(new_access_token) = new_access_token { @@ -677,7 +677,7 @@ pub fn add( if let (Some(access_token), ()) = rbw::actions::add( &access_token, - &refresh_token, + refresh_token, &name, &rbw::db::EntryData::Login { username, @@ -735,7 +735,7 @@ pub fn generate( let mut folder_id = None; if let Some(folder_name) = folder { let (new_access_token, folders) = - rbw::actions::list_folders(&access_token, &refresh_token)?; + rbw::actions::list_folders(&access_token, refresh_token)?; if let Some(new_access_token) = new_access_token { access_token = new_access_token.clone(); db.access_token = Some(new_access_token); @@ -758,7 +758,7 @@ pub fn generate( if folder_id.is_none() { let (new_access_token, id) = rbw::actions::create_folder( &access_token, - &refresh_token, + refresh_token, &crate::actions::encrypt(folder_name, None)?, )?; if let Some(new_access_token) = new_access_token { @@ -772,7 +772,7 @@ pub fn generate( if let (Some(access_token), ()) = rbw::actions::add( &access_token, - &refresh_token, + refresh_token, &name, &rbw::db::EntryData::Login { username, @@ -880,8 +880,8 @@ pub fn edit( }; if let (Some(access_token), ()) = rbw::actions::edit( - &access_token, - &refresh_token, + access_token, + refresh_token, &entry.id, entry.org_id.as_deref(), &entry.name, @@ -921,7 +921,7 @@ pub fn remove( .with_context(|| format!("couldn't find entry for '{}'", desc))?; if let (Some(access_token), ()) = - rbw::actions::remove(&access_token, &refresh_token, &entry.id)? + rbw::actions::remove(access_token, refresh_token, &entry.id)? { db.access_token = Some(access_token); save_db(&db)?; @@ -1053,7 +1053,7 @@ fn find_entry( Ok(_) => { for cipher in &db.entries { if name == cipher.id { - return Ok((cipher.clone(), decrypt_cipher(&cipher)?)); + return Ok((cipher.clone(), decrypt_cipher(cipher)?)); } } Err(anyhow::anyhow!("no entry found")) @@ -1183,10 +1183,7 @@ fn decrypt_cipher(entry: &rbw::db::Entry) -> anyhow::Result<DecryptedCipher> { .name .as_ref() .map(|name| { - crate::actions::decrypt( - &name, - entry.org_id.as_deref(), - ) + crate::actions::decrypt(name, entry.org_id.as_deref()) }) .transpose()?, value: field @@ -1194,7 +1191,7 @@ fn decrypt_cipher(entry: &rbw::db::Entry) -> anyhow::Result<DecryptedCipher> { .as_ref() .map(|value| { crate::actions::decrypt( - &value, + value, entry.org_id.as_deref(), ) }) @@ -1444,7 +1441,7 @@ fn parse_editor(contents: &str) -> (Option<String>, Option<String>) { fn load_db() -> anyhow::Result<rbw::db::Db> { let config = rbw::config::Config::load()?; if let Some(email) = &config.email { - rbw::db::Db::load(&config.server_name(), &email) + rbw::db::Db::load(&config.server_name(), email) .map_err(anyhow::Error::new) } else { Err(anyhow::anyhow!("failed to find email address in config")) @@ -1454,7 +1451,7 @@ fn load_db() -> anyhow::Result<rbw::db::Db> { fn save_db(db: &rbw::db::Db) -> anyhow::Result<()> { let config = rbw::config::Config::load()?; if let Some(email) = &config.email { - db.save(&config.server_name(), &email) + db.save(&config.server_name(), email) .map_err(anyhow::Error::new) } else { Err(anyhow::anyhow!("failed to find email address in config")) @@ -1464,7 +1461,7 @@ fn save_db(db: &rbw::db::Db) -> anyhow::Result<()> { fn remove_db() -> anyhow::Result<()> { let config = rbw::config::Config::load()?; if let Some(email) = &config.email { - rbw::db::Db::remove(&config.server_name(), &email) + rbw::db::Db::remove(&config.server_name(), email) .map_err(anyhow::Error::new) } else { Err(anyhow::anyhow!("failed to find email address in config")) @@ -1494,8 +1491,11 @@ fn parse_totp_secret(secret: &str) -> anyhow::Result<Vec<u8>> { } else { secret.to_string() }; - base32::decode(base32::Alphabet::RFC4648 { padding: false }, &secret_str.replace(" ", "")) - .ok_or_else(|| anyhow::anyhow!("totp secret was not valid base32")) + base32::decode( + base32::Alphabet::RFC4648 { padding: false }, + &secret_str.replace(" ", ""), + ) + .ok_or_else(|| anyhow::anyhow!("totp secret was not valid base32")) } fn generate_totp(secret: &str) -> anyhow::Result<String> { diff --git a/src/bin/rbw/main.rs b/src/bin/rbw/main.rs index 6c6c33e..e6e1249 100644 --- a/src/bin/rbw/main.rs +++ b/src/bin/rbw/main.rs @@ -281,22 +281,22 @@ fn main(opt: Opt) { let res = match &opt { Opt::Config { config } => match config { Config::Show => commands::config_show(), - Config::Set { key, value } => commands::config_set(&key, &value), - Config::Unset { key } => commands::config_unset(&key), + Config::Set { key, value } => commands::config_set(key, value), + Config::Unset { key } => commands::config_unset(key), }, Opt::Login => commands::login(), Opt::Unlock => commands::unlock(), Opt::Unlocked => commands::unlocked(), Opt::Sync => commands::sync(), - Opt::List { fields } => commands::list(&fields), + Opt::List { fields } => commands::list(fields), Opt::Get { name, user, folder, full, - } => commands::get(&name, user.as_deref(), folder.as_deref(), *full), + } => commands::get(name, user.as_deref(), folder.as_deref(), *full), Opt::Code { name, user, folder } => { - commands::code(&name, user.as_deref(), folder.as_deref()) + commands::code(name, user.as_deref(), folder.as_deref()) } Opt::Add { name, @@ -304,7 +304,7 @@ fn main(opt: Opt) { uri, folder, } => commands::add( - &name, + name, user.as_deref(), uri.iter() // XXX not sure what the ui for specifying the match type @@ -349,18 +349,18 @@ fn main(opt: Opt) { ) } Opt::Edit { name, user, folder } => { - commands::edit(&name, user.as_deref(), folder.as_deref()) + commands::edit(name, user.as_deref(), folder.as_deref()) } Opt::Remove { name, user, folder } => { - commands::remove(&name, user.as_deref(), folder.as_deref()) + commands::remove(name, user.as_deref(), folder.as_deref()) } Opt::History { name, user, folder } => { - commands::history(&name, user.as_deref(), folder.as_deref()) + commands::history(name, user.as_deref(), folder.as_deref()) } Opt::Lock => commands::lock(), Opt::Purge => commands::purge(), Opt::StopAgent => commands::stop_agent(), - Opt::GenCompletions { shell } => gen_completions(&shell), + Opt::GenCompletions { shell } => gen_completions(shell), } .context(format!("rbw {}", opt.subcommand_name())); diff --git a/src/cipherstring.rs b/src/cipherstring.rs index 7a12915..39254c7 100644 --- a/src/cipherstring.rs +++ b/src/cipherstring.rs @@ -123,27 +123,27 @@ impl CipherString { &self, keys: &crate::locked::Keys, ) -> Result<Vec<u8>> { - match self { - Self::Symmetric { + if let Self::Symmetric { + iv, + ciphertext, + mac, + } = self + { + let cipher = decrypt_common_symmetric( + keys, iv, ciphertext, - mac, - } => { - let cipher = decrypt_common_symmetric( - keys, - iv, - ciphertext, - mac.as_deref(), - )?; - cipher - .decrypt_vec(ciphertext) - .map_err(|source| Error::Decrypt { source }) - } - _ => Err(Error::InvalidCipherString { + mac.as_deref(), + )?; + cipher + .decrypt_vec(ciphertext) + .map_err(|source| Error::Decrypt { source }) + } else { + Err(Error::InvalidCipherString { reason: "found an asymmetric cipherstring, expecting symmetric" .to_string(), - }), + }) } } @@ -151,30 +151,30 @@ impl CipherString { &self, keys: &crate::locked::Keys, ) -> Result<crate::locked::Vec> { - match self { - Self::Symmetric { + if let Self::Symmetric { + iv, + ciphertext, + mac, + } = self + { + let mut res = crate::locked::Vec::new(); + res.extend(ciphertext.iter().copied()); + let cipher = decrypt_common_symmetric( + keys, iv, ciphertext, - mac, - } => { - let mut res = crate::locked::Vec::new(); - res.extend(ciphertext.iter().copied()); - let cipher = decrypt_common_symmetric( - keys, - iv, - ciphertext, - mac.as_deref(), - )?; - cipher - .decrypt(res.data_mut()) - .map_err(|source| Error::Decrypt { source })?; - Ok(res) - } - _ => Err(Error::InvalidCipherString { + mac.as_deref(), + )?; + cipher + .decrypt(res.data_mut()) + .map_err(|source| Error::Decrypt { source })?; + Ok(res) + } else { + Err(Error::InvalidCipherString { reason: "found an asymmetric cipherstring, expecting symmetric" .to_string(), - }), + }) } } @@ -182,34 +182,33 @@ impl CipherString { &self, private_key: &crate::locked::PrivateKey, ) -> Result<crate::locked::Vec> { - match self { - Self::Asymmetric { ciphertext } => { - let privkey_data = private_key.private_key(); - let privkey_data = block_padding::Pkcs7::unpad(privkey_data) - .map_err(|_| Error::Padding)?; - let pkey = rsa::RsaPrivateKey::from_pkcs8_der(privkey_data) - .map_err(|source| Error::RsaPkcs8 { source })?; - let mut bytes = pkey - .decrypt( - rsa::padding::PaddingScheme::new_oaep::<sha1::Sha1>(), - ciphertext, - ) - .map_err(|source| Error::Rsa { source })?; + if let Self::Asymmetric { ciphertext } = self { + let privkey_data = private_key.private_key(); + let privkey_data = block_padding::Pkcs7::unpad(privkey_data) + .map_err(|_| Error::Padding)?; + let pkey = rsa::RsaPrivateKey::from_pkcs8_der(privkey_data) + .map_err(|source| Error::RsaPkcs8 { source })?; + let mut bytes = pkey + .decrypt( + rsa::padding::PaddingScheme::new_oaep::<sha1::Sha1>(), + ciphertext, + ) + .map_err(|source| Error::Rsa { source })?; - // XXX it'd be great if the rsa crate would let us decrypt - // into a preallocated buffer directly to avoid the - // intermediate vec that needs to be manually zeroized, etc - let mut res = crate::locked::Vec::new(); - res.extend(bytes.iter().copied()); - bytes.zeroize(); + // XXX it'd be great if the rsa crate would let us decrypt + // into a preallocated buffer directly to avoid the + // intermediate vec that needs to be manually zeroized, etc + let mut res = crate::locked::Vec::new(); + res.extend(bytes.iter().copied()); + bytes.zeroize(); - Ok(res) - } - _ => Err(Error::InvalidCipherString { + Ok(res) + } else { + Err(Error::InvalidCipherString { reason: "found a symmetric cipherstring, expecting asymmetric" .to_string(), - }), + }) } } } @@ -12,6 +12,7 @@ #![allow(clippy::too_many_arguments)] #![allow(clippy::too_many_lines)] #![allow(clippy::type_complexity)] +#![allow(clippy::unused_async)] pub mod actions; pub mod api; diff --git a/src/locked.rs b/src/locked.rs index 611e57e..96bb846 100644 --- a/src/locked.rs +++ b/src/locked.rs @@ -32,7 +32,7 @@ impl Vec { pub fn zero(&mut self) { self.truncate(0); - self.data.extend(std::iter::repeat(0).take(LEN)) + self.data.extend(std::iter::repeat(0).take(LEN)); } pub fn extend(&mut self, it: impl Iterator<Item = u8>) { |