diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 93f4ce4..a0edcb1 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -29,5 +29,8 @@ jobs: - name: Check formatting run: cargo fmt --all -- --check + - name: Run linter + run: cargo clippy -- -D warnings + - name: Build release run: cargo build --release diff --git a/src/clock.rs b/src/clock.rs index 021153c..c821623 100644 --- a/src/clock.rs +++ b/src/clock.rs @@ -78,7 +78,7 @@ impl ClockInterface { self.timezone_offset = if offset_seconds == 0 { None } else { - Some(Duration::from_secs(offset_seconds.abs() as u64)) + Some(Duration::from_secs(offset_seconds.unsigned_abs() as u64)) }; Ok(()) diff --git a/src/enforcement/engine.rs b/src/enforcement/engine.rs index bf615ec..40cabd7 100644 --- a/src/enforcement/engine.rs +++ b/src/enforcement/engine.rs @@ -57,7 +57,7 @@ impl EnforcementLayer { // Crypto interface if policy.capabilities.crypto { - let crypto = DefaultCryptoProvider::new(); + let crypto = DefaultCryptoProvider::default(); let audited = AuditedCryptoProvider::new(crypto, entity_id.clone(), self.audit_log.clone()); @@ -90,17 +90,17 @@ impl EnforcementLayer { // Capabilities interface if policy.capabilities.capabilities { - hal.capabilities = Some(Box::new(DefaultCapabilitiesProvider::new())); + hal.capabilities = Some(Box::new(DefaultCapabilitiesProvider::default())); } // Random interface if policy.capabilities.random { - hal.random = Some(Box::new(DefaultRandomProvider::new())); + hal.random = Some(Box::new(DefaultRandomProvider::default())); } // Clock interface if policy.capabilities.clock { - hal.clock = Some(Box::new(DefaultClockProvider::new())); + hal.clock = Some(Box::new(DefaultClockProvider::default())); } // Storage interface diff --git a/src/enforcement/policy.rs b/src/enforcement/policy.rs index 0fd3dcf..dbf8570 100644 --- a/src/enforcement/policy.rs +++ b/src/enforcement/policy.rs 
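Review bot: The new `Run linter` step lints only the default targets with default features, so test code, examples and feature-gated modules can still carry warnings that this gate never sees. Consider `run: cargo clippy --all-targets --all-features -- -D warnings` so the deny-warnings policy covers everything the crate builds. The feature layout is not visible from this hunk, so mutually exclusive features would need a narrower flag set.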
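Review bot: The offset stored in `src/clock.rs` keeps only the magnitude of `offset_seconds`, so a negative offset becomes indistinguishable from the positive one of the same size unless the sign is recorded somewhere outside this hunk. `unsigned_abs()` removes the overflow that `abs()` has at the minimum value, but the trailing `as u64` is then either redundant or a widening cast better written as `u64::from(offset_seconds.unsigned_abs())`, depending on the parameter's type. A short comment such as `// magnitude only; sign of the offset is tracked in <field>` would tell the reader where the direction lives. The enclosing function starts and ends outside the hunk.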
@@ -151,22 +151,16 @@ pub struct PolicyConfig { } /// Policy engine that manages and enforces policies +#[derive(Default)] pub struct PolicyEngine { policies: HashMap, umbrella_id: Option, } impl PolicyEngine { - pub fn new() -> Self { - Self { - policies: HashMap::new(), - umbrella_id: None, - } - } - /// Load policies from configuration pub fn from_config(config: PolicyConfig) -> EnforcementResult { - let mut engine = Self::new(); + let mut engine = Self::default(); // Load entity policies for policy in config.entities { diff --git a/src/events.rs b/src/events.rs index b54c1e1..6df49a2 100644 --- a/src/events.rs +++ b/src/events.rs @@ -252,12 +252,12 @@ impl EventInterface { if let Some(handler) = handlers.get(&subscription.handler_handle) { // Check queue size let current_size = *handler.current_queue_size.read().await; - if current_size < handler.max_queue_size { - if handler.sender.send(event.clone()).is_ok() { - let mut queue_size = handler.current_queue_size.write().await; - *queue_size += 1; - sent_count += 1; - } + if current_size < handler.max_queue_size + && handler.sender.send(event.clone()).is_ok() + { + let mut queue_size = handler.current_queue_size.write().await; + *queue_size += 1; + sent_count += 1; } } } @@ -513,21 +513,20 @@ impl Default for EventInterface { // Helper function to use UUID without adding it as a dependency mod uuid { - pub struct Uuid; + use core::fmt; - impl Uuid { - pub fn new_v4() -> Self { - Self - } + pub struct Uuid; - pub fn to_string(&self) -> String { + impl fmt::Display for Uuid { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { // Simple UUID-like string generator for testing let timestamp = std::time::SystemTime::now() .duration_since(std::time::UNIX_EPOCH) .unwrap() .as_nanos(); - format!( + write!( + f, "{:x}-{:x}-{:x}-{:x}", timestamp & 0xffffffff, (timestamp >> 32) & 0xffff, @@ -536,6 +535,12 @@ mod uuid { ) } } + + impl Uuid { + pub fn new_v4() -> Self { + Self + } + } } #[cfg(test)] 
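Review bot: Removing `pub fn new()` from `PolicyEngine` drops a public constructor, which breaks any caller outside this diff that still writes `PolicyEngine::new()`. The same applies to `DefaultCapabilitiesProvider`, `DefaultCryptoProvider`, `DefaultRandomProvider` and `DefaultClockProvider` in `src/providers.rs`. Clippy's `new_without_default` lint is satisfied by adding `Default` next to `new()`, so the constructor could stay as `pub fn new() -> Self { Self::default() }`. If the crate has no external consumers this is only an API-stability note.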
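Review bot: The queue bound in the `src/events.rs` dispatch loop is checked under a read lock and incremented later under a separate write lock, so concurrent publishers can all observe `current_size < handler.max_queue_size` and push a handler past its limit. Collapsing the nested `if` keeps that window open; taking the write guard once and doing the comparison, the send and the increment under it closes it. This assumes `sender.send` does not block (it is not awaited here) and that nothing else on this path takes the same lock while the guard is held. The enclosing function starts and ends outside the hunk.

```rust
if let Some(handler) = handlers.get(&subscription.handler_handle) {
    // Hold the write guard across check, send and increment so the bound cannot be raced.
    let mut queue_size = handler.current_queue_size.write().await;
    if *queue_size < handler.max_queue_size && handler.sender.send(event.clone()).is_ok() {
        *queue_size += 1;
        sent_count += 1;
    }
```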
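Review bot: The `Display` impl in `mod uuid` derives its output from `SystemTime::now()` at format time, so the same `Uuid` value prints differently on every call and two values formatted in the same nanosecond collide; nothing here is random despite the `new_v4` name. If these strings are used as handles or identifiers outside tests, they are both predictable and unstable. Capturing the value once in `new_v4` (for example a `Uuid(u128)` field) and formatting that field would at least make the identifier stable. The `.unwrap()` on `duration_since` also panics if the system clock is set before the epoch. The format arguments continue in the next hunk.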
diff --git a/src/gpu.rs b/src/gpu.rs index 3a465e9..85b2e32 100644 --- a/src/gpu.rs +++ b/src/gpu.rs @@ -141,7 +141,7 @@ pub struct GpuBufferDescriptor { } /// GPU buffer usage flags -#[derive(Debug, Clone)] +#[derive(Default, Debug, Clone)] pub struct GpuBufferUsage { pub map_read: bool, pub map_write: bool, @@ -814,20 +814,3 @@ mod tests { assert!(result.is_err()); } } - -impl Default for GpuBufferUsage { - fn default() -> Self { - Self { - map_read: false, - map_write: false, - copy_src: false, - copy_dst: false, - index: false, - vertex: false, - uniform: false, - storage: false, - indirect: false, - query_resolve: false, - } - } -} diff --git a/src/interfaces.rs b/src/interfaces.rs index 0c1254e..5eb6968 100644 --- a/src/interfaces.rs +++ b/src/interfaces.rs @@ -76,10 +76,10 @@ impl HalProvider { platform: DefaultPlatformProvider::new() .ok() .map(|p| Box::new(p) as Box), - capabilities: Some(Box::new(DefaultCapabilitiesProvider::new())), - crypto: Some(Box::new(DefaultCryptoProvider::new())), - random: Some(Box::new(DefaultRandomProvider::new())), - clock: Some(Box::new(DefaultClockProvider::new())), + capabilities: Some(Box::new(DefaultCapabilitiesProvider::default())), + crypto: Some(Box::new(DefaultCryptoProvider::default())), + random: Some(Box::new(DefaultRandomProvider::default())), + clock: Some(Box::new(DefaultClockProvider::default())), storage: None, // Optional } } diff --git a/src/platform.rs b/src/platform.rs index a550658..57566a3 100644 --- a/src/platform.rs +++ b/src/platform.rs @@ -271,7 +271,7 @@ impl ElasticTeeHal { /// /// # Arguments /// * `report_data` - Custom data to include in the attestation report (e.g., nonce, challenge) - /// For TDX, this should be up to 64 bytes. For SEV-SNP, up to 64 bytes. + /// For TDX, this should be up to 64 bytes. For SEV-SNP, up to 64 bytes. pub async fn attest(&self, report_data: &[u8]) -> HalResult> { if !self.initialized { return Err(HalError::TeeInitializationFailed( 
diff --git a/src/providers.rs b/src/providers.rs index 114a965..d688d9b 100644 --- a/src/providers.rs +++ b/src/providers.rs @@ -35,8 +35,8 @@ pub struct DefaultCapabilitiesProvider { caps: crate::capabilities::PlatformCapabilities, } -impl DefaultCapabilitiesProvider { - pub fn new() -> Self { +impl Default for DefaultCapabilitiesProvider { + fn default() -> Self { let platform_type = crate::platform::ElasticTeeHal::new() .map(|hal| hal.platform_type().clone()) .unwrap_or(crate::platform::PlatformType::IntelTdx); @@ -49,32 +49,34 @@ impl DefaultCapabilitiesProvider { impl CapabilitiesInterface for DefaultCapabilitiesProvider { fn list_capabilities(&self) -> Result, String> { - let mut result = Vec::new(); - result.push(( - "random".to_string(), - self.caps.features.random, - "1.0".to_string(), - )); - result.push(( - "crypto".to_string(), - self.caps.crypto_support.hardware_acceleration, - "1.0".to_string(), - )); - result.push(( - "attestation".to_string(), - self.caps.features.attestation, - "1.0".to_string(), - )); - result.push(( - "secure-storage".to_string(), - self.caps.features.secure_storage, - "1.0".to_string(), - )); - result.push(( - "gpu-compute".to_string(), - self.caps.features.gpu_compute, - "1.0".to_string(), - )); + let result = vec![ + ( + "random".to_string(), + self.caps.features.random, + "1.0".to_string(), + ), + ( + "crypto".to_string(), + self.caps.crypto_support.hardware_acceleration, + "1.0".to_string(), + ), + ( + "attestation".to_string(), + self.caps.features.attestation, + "1.0".to_string(), + ), + ( + "secure-storage".to_string(), + self.caps.features.secure_storage, + "1.0".to_string(), + ), + ( + "gpu-compute".to_string(), + self.caps.features.gpu_compute, + "1.0".to_string(), + ), + ]; + Ok(result) } 
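Review bot: `Default::default()` for `DefaultCapabilitiesProvider` now performs platform probing through `ElasticTeeHal::new()` and, when that fails, silently falls back to `PlatformType::IntelTdx` via `unwrap_or`. A caller that obtains this provider through `Default` gets no signal that detection failed, and the capability list may then describe a TDX platform that is not present (how `caps` is built from `platform_type` is outside the hunk). Consider keeping the probing in a named constructor that returns a `Result`, or at least logging the failure before the fallback. A doc comment such as `/// Probes the TEE platform; falls back to Intel TDX capabilities if probing fails.` would make the behaviour visible at the call sites.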
@@ -92,18 +94,11 @@ impl CapabilitiesInterface for DefaultCapabilitiesProvider { } /// Default crypto provider +#[derive(Default)] pub struct DefaultCryptoProvider { crypto: crate::crypto::CryptoInterface, } -impl DefaultCryptoProvider { - pub fn new() -> Self { - Self { - crypto: crate::crypto::CryptoInterface::new(), - } - } -} - impl CryptoInterface for DefaultCryptoProvider { fn hash(&self, data: &[u8], algorithm: &str) -> Result, String> { futures::executor::block_on(self.crypto.hash_data(algorithm, data)) @@ -160,18 +155,11 @@ impl CryptoInterface for DefaultCryptoProvider { } /// Default random provider +#[derive(Default)] pub struct DefaultRandomProvider { random: crate::random::RandomInterface, } -impl DefaultRandomProvider { - pub fn new() -> Self { - Self { - random: crate::random::RandomInterface::new(), - } - } -} - impl RandomInterface for DefaultRandomProvider { fn get_random_bytes(&self, length: u32) -> Result, String> { self.random @@ -188,18 +176,11 @@ impl RandomInterface for DefaultRandomProvider { } /// Default clock provider +#[derive(Default)] pub struct DefaultClockProvider { clock: crate::clock::ClockInterface, } -impl DefaultClockProvider { - pub fn new() -> Self { - Self { - clock: crate::clock::ClockInterface::new(), - } - } -} - impl ClockInterface for DefaultClockProvider { fn system_time(&self) -> Result<(u64, u32), String> { self.clock diff --git a/src/random.rs b/src/random.rs index 03e279e..347b608 100644 --- a/src/random.rs +++ b/src/random.rs @@ -106,7 +106,7 @@ impl RandomInterface { /// Generate random salt for password hashing pub fn generate_salt(&self, length: usize) -> HalResult> { - if length < 16 || length > 64 { + if (16..=64).contains(&length) { return Err(HalError::InvalidParameter( "Salt length must be between 16 and 64 bytes".to_string(), )); 
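Review bot: Replacing the hand-written `new()` with `#[derive(Default)]` on `DefaultCryptoProvider` changes the inner initialisation from `crate::crypto::CryptoInterface::new()` to `CryptoInterface::default()`, and the same switch happens for `DefaultRandomProvider` and `DefaultClockProvider` in the next two hunks. Those `Default` impls are not part of this diff, so it is worth confirming that each one delegates to `new()`. For the random and crypto interfaces a divergence would change how the generator or crypto state is set up without any visible change at the call sites. A comment on each struct, e.g. `// relies on RandomInterface::default() being equivalent to RandomInterface::new()`, would record the assumption.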
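Review bot: The rewritten guard in `generate_salt` lost its negation: `if (16..=64).contains(&length)` returns `InvalidParameter` for every valid length and lets lengths below 16 or above 64 through. The original condition was `length < 16 || length > 64`, so the line should read `if !(16..=64).contains(&length) {`, matching `generate_key_material` and `test_randomness_quality` in the following hunks. As written, callers asking for a 16–64 byte salt get an error, while a request for a short, weak salt is passed on to the generator. A unit test asserting that `generate_salt(16)` succeeds and `generate_salt(8)` fails would catch this.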
@@ -117,7 +117,7 @@ impl RandomInterface { /// Generate cryptographically secure random key material pub fn generate_key_material(&self, length: usize) -> HalResult> { - if length < 16 || length > 256 { + if !(16..=256).contains(&length) { return Err(HalError::InvalidParameter( "Key material length must be between 16 and 256 bytes".to_string(), )); @@ -128,7 +128,7 @@ impl RandomInterface { /// Test randomness quality (basic entropy check) pub fn test_randomness_quality(&self, sample_size: usize) -> HalResult { - if sample_size < 1000 || sample_size > 100_000 { + if !(1000..=100_000).contains(&sample_size) { return Err(HalError::InvalidParameter( "Sample size must be between 1000 and 100000 bytes".to_string(), )); diff --git a/src/sockets.rs b/src/sockets.rs index 1f0b073..bbaf9c3 100644 --- a/src/sockets.rs +++ b/src/sockets.rs @@ -30,7 +30,7 @@ pub struct SocketInterface { enum SocketWrapper { TcpListener(TcpListener), TcpStream(TcpStream), - TlsStream(TlsStream), + TlsStream(Box>), UdpSocket(UdpSocket), // DTLS would require additional implementation } @@ -320,7 +320,7 @@ impl SocketInterface { let mut sockets = self.sockets.write().await; sockets.insert( handle, - SocketWrapper::TlsStream(tokio_rustls::TlsStream::Client(tls_stream)), + SocketWrapper::TlsStream(Box::new(tokio_rustls::TlsStream::Client(tls_stream))), ); Ok(handle) @@ -383,7 +383,7 @@ impl SocketInterface { let mut sockets = self.sockets.write().await; sockets.insert( handle, - SocketWrapper::TlsStream(tokio_rustls::TlsStream::Server(tls_stream)), + SocketWrapper::TlsStream(Box::new(tokio_rustls::TlsStream::Server(tls_stream))), ); Ok(handle)