Cryptokit clippy

.github/workflows/native_build.yml

@@ -88,6 +88,25 @@ jobs:
         run: cargo clippy --all-targets --all-features --workspace -- -D warnings
       - name: Clippy Bare Bones
         run: cargo clippy --all-targets --no-default-features --features std,test_util --workspace -- -D warnings
+  LintAndFormattingMacOS:
+    # XXX(RLB): It would be good to just use macos-latest here, but
+    # apparently if you do that, sometimes you get an older (not latest)
+    # version.  And we require v14 in order to build the CryptoKit provider.
+    runs-on: macos-14
+    steps: 
+      - uses: actions/checkout@v3
+      - uses: arduino/setup-protoc@v2
+        with:
+          version: "25.x"
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - uses: dtolnay/rust-toolchain@stable
+      - uses: Swatinem/rust-cache@v2
+        with:
+          save-if: ${{ github.ref == 'refs/heads/main' }}
+      - name: Rust Fmt
+        run: cargo fmt -p mls-rs-crypto-cryptokit
+      - name: Clippy
+        run: cargo clippy -p mls-rs-crypto-cryptokit -- -D warnings
   CodeCoverage:
     runs-on: ubuntu-latest
     steps:

mls-rs-core/Cargo.toml

@@ -26,7 +26,7 @@ mls-rs-codec = { version = "0.5.2", path = "../mls-rs-codec", default-features =
 zeroize = { version = "1", default-features = false, features = ["alloc", "zeroize_derive"] }
 arbitrary = { version = "1", features = ["derive"], optional = true }
 thiserror = { version = "1.0.40", optional = true }
-safer-ffi = { version = "0.1.3", default-features = false, optional = true }
+safer-ffi = { version = "0.1.7", default-features = false, optional = true }
 safer-ffi-gen = { version = "0.9.2", default-features = false, optional = true }
 maybe-async = "0.2.10"
 

mls-rs-crypto-cryptokit/src/kem.rs

@@ -324,7 +324,7 @@ impl Kem {
         priv_buf.truncate(priv_len as usize);
         pub_buf.truncate(pub_len as usize);
 
-        return Ok((priv_buf.into(), pub_buf.into()));
+        Ok((priv_buf.into(), pub_buf.into()))
     }
 
     pub fn derive(&self, ikm: &[u8]) -> Result<(HpkeSecretKey, HpkePublicKey), KemError> {
@@ -351,13 +351,13 @@ impl Kem {
         priv_buf.truncate(priv_len as usize);
         pub_buf.truncate(pub_len as usize);
 
-        return Ok((priv_buf.into(), pub_buf.into()));
+        Ok((priv_buf.into(), pub_buf.into()))
     }
 
     pub fn public_key_validate(&self, key: &HpkePublicKey) -> Result<(), KemError> {
         let rv = unsafe { kem_public_key_validate(self.0 as u16, key.as_ptr(), key.len() as u64) };
 
-        (rv == 1).then(|| ()).ok_or(KemError::CryptoKitError)
+        (rv == 1).then_some(()).ok_or(KemError::CryptoKitError)
     }
 
     pub fn hpke_setup_s(

mls-rs-crypto-cryptokit/src/lib.rs

@@ -147,7 +147,7 @@ impl CryptoKitCipherSuite {
 
     pub fn random_bytes(&self, out: &mut [u8]) -> Result<(), CryptoKitError> {
         random::fill(out)
-            .then(|| ())
+            .then_some(())
             .ok_or(CryptoKitError::RandError)
     }
 }
@@ -263,7 +263,7 @@ impl CipherSuiteProvider for CryptoKitCipherSuite {
         let (kem_output, mut ctx) = self.hpke_setup_s(remote_key, info)?;
         let ciphertext = ctx
             .seal(aad, pt)
-            .map_err(|e| <KemError as Into<CryptoKitError>>::into(e))?;
+            .map_err(<KemError as Into<CryptoKitError>>::into)?;
         Ok(HpkeCiphertext {
             kem_output,
             ciphertext,
@@ -281,12 +281,12 @@ impl CipherSuiteProvider for CryptoKitCipherSuite {
         let mut ctx =
             self.hpke_setup_r(&ciphertext.kem_output, local_secret, local_public, info)?;
         ctx.open(aad, &ciphertext.ciphertext)
-            .map_err(|e| <KemError as Into<CryptoKitError>>::into(e))
+            .map_err(<KemError as Into<CryptoKitError>>::into)
     }
 
     fn random_bytes(&self, out: &mut [u8]) -> Result<(), Self::Error> {
         random::fill(out)
-            .then(|| ())
+            .then_some(())
             .ok_or(CryptoKitError::RandError)
     }
 

mls-rs-crypto-cryptokit/src/sig.rs

@@ -74,13 +74,10 @@ impl Signature {
     const DEFAULT_BUFFER_SIZE: usize = 192;
 
     fn supported_curve(curve: Curve) -> bool {
-        match curve {
-            Curve::P256 => true,
-            Curve::P384 => true,
-            Curve::P521 => true,
-            Curve::Ed25519 => true,
-            _ => false,
-        }
+        matches!(
+            curve,
+            Curve::P256 | Curve::P384 | Curve::P521 | Curve::Ed25519
+        )
     }
 
     pub fn new(cipher_suite: CipherSuite) -> Option<Self> {
@@ -91,7 +88,7 @@ impl Signature {
 
     pub fn new_from_curve(curve: Curve) -> Result<Self, SignatureError> {
         Self::supported_curve(curve)
-            .then(|| Self(curve))
+            .then_some(Self(curve))
             .ok_or(SignatureError::UnsupportedCurve)
     }
 
@@ -120,7 +117,7 @@ impl Signature {
         let pub_len = pub_len as usize;
         let pub_key = SignaturePublicKey::new_slice(&pub_buf[..pub_len]);
 
-        return Ok((priv_key, pub_key));
+        Ok((priv_key, pub_key))
     }
 
     pub fn derive_public(
@@ -146,7 +143,7 @@ impl Signature {
         let pub_len = pub_len as usize;
         let pub_key = SignaturePublicKey::new_slice(&pub_buf[..pub_len]);
 
-        return Ok(pub_key);
+        Ok(pub_key)
     }
 
     pub fn sign(
@@ -173,7 +170,7 @@ impl Signature {
         }
 
         let sig_len = sig_len as usize;
-        return Ok(sig_buf[..sig_len].to_vec());
+        Ok(sig_buf[..sig_len].to_vec())
     }
 
     pub fn verify(
@@ -195,7 +192,7 @@ impl Signature {
         };
 
         (rv == 1)
-            .then(|| ())
+            .then_some(())
             .ok_or(SignatureError::InvalidSignature)
     }
 }

mls-rs-ffi/Cargo.toml

@@ -23,5 +23,5 @@ mls-rs = { path = "../mls-rs", version = "0.39.0", features = ["ffi"] }
 mls-rs-crypto-openssl = { path = "../mls-rs-crypto-openssl", version = "0.9.0", optional = true }
 mls-rs-identity-x509 = { path = "../mls-rs-identity-x509", version = "0.11.0", optional = true }
 mls-rs-provider-sqlite = { path = "../mls-rs-provider-sqlite", version = "0.11.0", default-features = false, optional = true }
-safer-ffi = { version = "0.1.3", default-features = false }
+safer-ffi = { version = "0.1.7", default-features = false }
 safer-ffi-gen = { version = "0.9.2", default-features = false }

mls-rs/Cargo.toml

@@ -68,7 +68,7 @@ mls-rs-crypto-openssl = { path = "../mls-rs-crypto-openssl", optional = true, ve
 # TODO: https://github.com/GoogleChromeLabs/wasm-bindgen-rayon
 rayon = { version = "1", optional = true }
 arbitrary = { version = "1", features = ["derive"], optional = true }
-safer-ffi = { version = "0.1.3", default-features = false, optional = true }
+safer-ffi = { version = "0.1.7", default-features = false, optional = true }
 safer-ffi-gen = { version = "0.9.2", default-features = false, optional = true }
 once_cell = { version = "1.18", optional = true }
 serde = { version = "1.0", default-features = false, features = ["alloc", "derive"], optional = true }