cargo fmt change

MS-megliu · Dec 10, 2024 · ea50342 · ea50342
1 parent 4cb0100
commit ea50342
Show file tree

Hide file tree

Showing 3 changed files with 52 additions and 62 deletions.
diff --git a/src/signer.rs b/src/signer.rs
@@ -11,9 +11,7 @@ use crate::key::{AlgorithmGroup, NCryptKey, SignaturePadding};
 
 use windows_sys::Win32::Security::Cryptography::BCryptHash;
 use windows_sys::Win32::Security::Cryptography::{
-    BCRYPT_SHA256_ALG_HANDLE,
-    BCRYPT_SHA384_ALG_HANDLE,
-    BCRYPT_SHA512_ALG_HANDLE,
+    BCRYPT_SHA256_ALG_HANDLE, BCRYPT_SHA384_ALG_HANDLE, BCRYPT_SHA512_ALG_HANDLE,
 };
 
 // Convert IEEE-P1363 signature format to DER encoding.
@@ -106,72 +104,59 @@ struct CngSigner {
 }
 
 impl CngSigner {
-
     // new hash function using BCryptHash function which uses FIPS certified SymCrypt
     fn hash(&self, message: &[u8]) -> Result<(Vec<u8>, SignaturePadding), Error> {
         let (alg, padding) = match self.scheme {
-            SignatureScheme::RSA_PKCS1_SHA256 => (
-                BCRYPT_SHA256_ALG_HANDLE,
-                SignaturePadding::Pkcs1,
-            ),
-            SignatureScheme::RSA_PKCS1_SHA384 => (
-                BCRYPT_SHA384_ALG_HANDLE,
-                SignaturePadding::Pkcs1,
-            ),
-            SignatureScheme::RSA_PKCS1_SHA512 => (
-                BCRYPT_SHA512_ALG_HANDLE,
-                SignaturePadding::Pkcs1,
-            ),
-            SignatureScheme::RSA_PSS_SHA256 => (
-                BCRYPT_SHA256_ALG_HANDLE,
-                SignaturePadding::Pss,
-            ),
-            SignatureScheme::RSA_PSS_SHA384 => (
-                BCRYPT_SHA384_ALG_HANDLE,
-                SignaturePadding::Pss,
-            ),
-            SignatureScheme::RSA_PSS_SHA512 => (
-                BCRYPT_SHA512_ALG_HANDLE,
-                SignaturePadding::Pss,
-            ),
-            SignatureScheme::ECDSA_NISTP256_SHA256 => (
-                BCRYPT_SHA256_ALG_HANDLE,
-                SignaturePadding::None,
-            ),
-            SignatureScheme::ECDSA_NISTP384_SHA384 => (
-                BCRYPT_SHA384_ALG_HANDLE,
-                SignaturePadding::None,
-            ),
+            SignatureScheme::RSA_PKCS1_SHA256 => {
+                (BCRYPT_SHA256_ALG_HANDLE, SignaturePadding::Pkcs1)
+            }
+            SignatureScheme::RSA_PKCS1_SHA384 => {
+                (BCRYPT_SHA384_ALG_HANDLE, SignaturePadding::Pkcs1)
+            }
+            SignatureScheme::RSA_PKCS1_SHA512 => {
+                (BCRYPT_SHA512_ALG_HANDLE, SignaturePadding::Pkcs1)
+            }
+            SignatureScheme::RSA_PSS_SHA256 => (BCRYPT_SHA256_ALG_HANDLE, SignaturePadding::Pss),
+            SignatureScheme::RSA_PSS_SHA384 => (BCRYPT_SHA384_ALG_HANDLE, SignaturePadding::Pss),
+            SignatureScheme::RSA_PSS_SHA512 => (BCRYPT_SHA512_ALG_HANDLE, SignaturePadding::Pss),
+            SignatureScheme::ECDSA_NISTP256_SHA256 => {
+                (BCRYPT_SHA256_ALG_HANDLE, SignaturePadding::None)
+            }
+            SignatureScheme::ECDSA_NISTP384_SHA384 => {
+                (BCRYPT_SHA384_ALG_HANDLE, SignaturePadding::None)
+            }
             _ => return Err(Error::General("Unsupported signature scheme".to_owned())),
         };
 
-
-        let hash_len = match alg { 
-            BCRYPT_SHA256_ALG_HANDLE => 32, 
-            BCRYPT_SHA384_ALG_HANDLE => 48, 
-            BCRYPT_SHA512_ALG_HANDLE => 64, 
-            _ => return Err(Error::General("Unsupported hash algorithm!".to_owned())), 
-        }; 
+        let hash_len = match alg {
+            BCRYPT_SHA256_ALG_HANDLE => 32,
+            BCRYPT_SHA384_ALG_HANDLE => 48,
+            BCRYPT_SHA512_ALG_HANDLE => 64,
+            _ => return Err(Error::General("Unsupported hash algorithm!".to_owned())),
+        };
 
-        let mut hash = vec![0u8; hash_len]; 
+        let mut hash = vec![0u8; hash_len];
 
         unsafe {
             let status = BCryptHash(
                 alg as *mut core::ffi::c_void,
                 std::ptr::null_mut(), // pbSecret
-                0, // cbSecret
+                0,                    // cbSecret
                 message.as_ptr() as *mut u8,
                 message.len() as u32,
                 hash.as_mut_ptr(),
                 hash_len as u32,
             );
 
             if status != 0 {
-                return Err(Error::General(format!("BCryptHash failed with status: 0x{:X}", status)));
-            }      
+                return Err(Error::General(format!(
+                    "BCryptHash failed with status: 0x{:X}",
+                    status
+                )));
+            }
         }
         Ok((hash, padding))
-    } 
+    }
 }
 
 impl Signer for CngSigner {

diff --git a/src/store.rs b/src/store.rs
@@ -136,14 +136,13 @@ impl CertStore {
         unsafe { self.do_find(CERT_FIND_HASH, &hash_blob as *const _ as _) }
     }
 
-
-    /// On later OS releases, we added CERT_FIND_SHA256_HASH. 
+    /// On later OS releases, we added CERT_FIND_SHA256_HASH.
     /// However, rustls-cng could be installed on earlier OS release where this FIND_SHA256 isn't present.
-    /// But the CERT_SHA256_HASH_PROP_ID is present. 
+    /// But the CERT_SHA256_HASH_PROP_ID is present.
     /// So will need to add a new internal find function that gets and compares the SHA256 property.
-    /// Also, since SHA1 is being deprecated, Windows components should not use. 
+    /// Also, since SHA1 is being deprecated, Windows components should not use.
     /// Therefore, the need to find via SHA256 instead of SHA1.
-    
+
     /// Find list of certificates matching the SHA256 hash
     pub fn find_by_sha256<D>(&self, hash: D) -> Result<Vec<CertContext>>
     where
@@ -209,7 +208,14 @@ impl CertStore {
         let hash_blob = &*(find_param as *const CRYPT_INTEGER_BLOB);
         let sha256_hash = std::slice::from_raw_parts(hash_blob.pbData, hash_blob.cbData as usize);
         loop {
-            cert = CertFindCertificateInStore(self.0, MY_ENCODING_TYPE, 0, CERT_FIND_ANY, find_param, cert);
+            cert = CertFindCertificateInStore(
+                self.0,
+                MY_ENCODING_TYPE,
+                0,
+                CERT_FIND_ANY,
+                find_param,
+                cert,
+            );
             if cert.is_null() {
                 break;
             } else {
@@ -229,8 +235,8 @@ impl CertStore {
                     }
                 }
             }
-         }
-         Ok(certs)
+        }
+        Ok(certs)
     }
 
     fn find_by_str(&self, pattern: &str, flags: CERT_FIND_FLAGS) -> Result<Vec<CertContext>> {

diff --git a/tests/test_find.rs b/tests/test_find.rs
@@ -66,14 +66,13 @@ fn test_find_by_hash() {
 #[test]
 fn test_find_by_hash256() {
     let store = CertStore::from_pkcs12(PFX, PASSWORD).expect("Cannot open cert store");
-     
+
     let sha256 = [
-        0xC9, 0x7C, 0xD6, 0xA1, 0x3F, 0xF6, 0xBD, 0xF6,
-        0xD4, 0xE2, 0xFB, 0x0E, 0xCD, 0x74, 0x2F, 0x14,
-        0x30, 0x53, 0xB0, 0x89, 0xFA, 0x4D, 0xA5, 0xE5,
-        0x8B, 0xA3, 0x9F, 0x72, 0xED, 0x2F, 0x9F, 0xB6
+        0xC9, 0x7C, 0xD6, 0xA1, 0x3F, 0xF6, 0xBD, 0xF6, 0xD4, 0xE2, 0xFB, 0x0E, 0xCD, 0x74, 0x2F,
+        0x14, 0x30, 0x53, 0xB0, 0x89, 0xFA, 0x4D, 0xA5, 0xE5, 0x8B, 0xA3, 0x9F, 0x72, 0xED, 0x2F,
+        0x9F, 0xB6,
     ];
-    
+
     let context = store.find_by_sha256(sha256).unwrap().into_iter().next();
     assert!(context.is_some());
 }