sigstore · flavio · Feb 7, 2023 · Feb 5, 2023 · Feb 7, 2023
diff --git a/src/cosign/bundle.rs b/src/cosign/bundle.rs
@@ -47,7 +47,7 @@ impl SignedArtifactBundle {
     /// using the supplied `rekor_pub_key` public key.
     pub fn new_verified(raw: &str, rekor_pub_key: &CosignVerificationKey) -> Result<Self> {
         let bundle: SignedArtifactBundle = serde_json::from_str(raw).map_err(|e| {
-            SigstoreError::UnexpectedError(format!("Cannot parse bundle |{}|: {:?}", raw, e))
+            SigstoreError::UnexpectedError(format!("Cannot parse bundle |{raw}|: {e:?}"))
         })?;
         Bundle::verify_bundle(&bundle.rekor_bundle, rekor_pub_key).map(|_| bundle)
     }
@@ -81,7 +81,7 @@ impl Bundle {
     /// using the supplied `rekor_pub_key` public key.
     pub(crate) fn new_verified(raw: &str, rekor_pub_key: &CosignVerificationKey) -> Result<Self> {
         let bundle: Bundle = serde_json::from_str(raw).map_err(|e| {
-            SigstoreError::UnexpectedError(format!("Cannot parse bundle |{}|: {:?}", raw, e))
+            SigstoreError::UnexpectedError(format!("Cannot parse bundle |{raw}|: {e:?}"))
         })?;
         Self::verify_bundle(&bundle, rekor_pub_key).map(|_| bundle)
     }
@@ -98,8 +98,7 @@ impl Bundle {
         let mut ser = serde_json::Serializer::with_formatter(&mut buf, CanonicalFormatter::new());
         bundle.payload.serialize(&mut ser).map_err(|e| {
             SigstoreError::UnexpectedError(format!(
-                "Cannot create canonical JSON representation of bundle: {:?}",
-                e
+                "Cannot create canonical JSON representation of bundle: {e:?}"
             ))
         })?;
 

diff --git a/src/cosign/signature_layers.rs b/src/cosign/signature_layers.rs
@@ -81,7 +81,7 @@ impl fmt::Display for CertificateSignature {
             self.github_workflow_ref,
         );
 
-        write!(f, "{}", msg)
+        write!(f, "{msg}")
     }
 }
 
@@ -174,7 +174,7 @@ impl fmt::Display for SignatureLayer {
             self.simple_signing,
         );
 
-        write!(f, "{}", msg)
+        write!(f, "{msg}")
     }
 }
 
@@ -256,8 +256,7 @@ impl SignatureLayer {
 
         let simple_signing: SimpleSigning = serde_json::from_slice(&layer.data).map_err(|e| {
             SigstoreError::UnexpectedError(format!(
-                "Cannot convert layer data into SimpleSigning object: {:?}",
-                e
+                "Cannot convert layer data into SimpleSigning object: {e:?}"
             ))
         })?;
 
@@ -497,8 +496,7 @@ fn get_cert_extension_by_oid(
         .map(|ext| {
             String::from_utf8(ext.value.to_vec()).map_err(|_| {
                 SigstoreError::UnexpectedError(format!(
-                    "Certificate's extension Sigstore {} is not UTF8 compatible",
-                    ext_oid_name,
+                    "Certificate's extension Sigstore {ext_oid_name} is not UTF8 compatible"
                 ))
             })
         })

diff --git a/src/crypto/mod.rs b/src/crypto/mod.rs
@@ -91,7 +91,7 @@ impl TryFrom<&str> for SigningScheme {
             "RSA_PKCS1_SHA256" => Ok(Self::RSA_PKCS1_SHA256(DEFAULT_KEY_SIZE)),
             "RSA_PKCS1_SHA384" => Ok(Self::RSA_PKCS1_SHA384(DEFAULT_KEY_SIZE)),
             "RSA_PKCS1_SHA512" => Ok(Self::RSA_PKCS1_SHA512(DEFAULT_KEY_SIZE)),
-            unknown => Err(format!("Unsupported signing algorithm: {}", unknown)),
+            unknown => Err(format!("Unsupported signing algorithm: {unknown}")),
         }
     }
 }

diff --git a/src/crypto/signing_key/ecdsa/ec.rs b/src/crypto/signing_key/ecdsa/ec.rs
@@ -147,14 +147,13 @@ where
             COSIGN_PRIVATE_KEY_PEM_LABEL | SIGSTORE_PRIVATE_KEY_PEM_LABEL => {
                 let der = kdf::decrypt(&key.contents, password)?;
                 let pkcs8 = pkcs8::PrivateKeyInfo::try_from(&der[..]).map_err(|e| {
-                    SigstoreError::PKCS8Error(format!("Read PrivateKeyInfo failed: {}", e))
+                    SigstoreError::PKCS8Error(format!("Read PrivateKeyInfo failed: {e}"))
                 })?;
                 let ec_seckey = SecretKey::<C>::from_sec1_der(pkcs8.private_key)?;
                 Self::from_private_key(ec_seckey)
             }
             tag => Err(SigstoreError::PrivateKeyDecryptError(format!(
-                "Unsupported pem tag {}",
-                tag
+                "Unsupported pem tag {tag}"
             ))),
         }
     }
@@ -170,15 +169,13 @@ where
                 let ec_seckey =
                     SecretKey::<C>::from_pkcs8_der(document.as_bytes()).map_err(|e| {
                         SigstoreError::PKCS8Error(format!(
-                            "Convert from pkcs8 pem to ecdsa private key failed: {}",
-                            e
+                            "Convert from pkcs8 pem to ecdsa private key failed: {e}"
                         ))
                     })?;
                 Self::from_private_key(ec_seckey)
             }
             tag => Err(SigstoreError::PrivateKeyDecryptError(format!(
-                "Unsupported pem tag {}",
-                tag
+                "Unsupported pem tag {tag}"
             ))),
         }
     }
@@ -187,8 +184,7 @@ where
     pub fn from_der(private_key: &[u8]) -> Result<Self> {
         let ec_seckey = SecretKey::<C>::from_pkcs8_der(private_key).map_err(|e| {
             SigstoreError::PKCS8Error(format!(
-                "Convert from pkcs8 der to ecdsa private key failed: {}",
-                e,
+                "Convert from pkcs8 der to ecdsa private key failed: {e}"
             ))
         })?;
         Self::from_private_key(ec_seckey)
@@ -317,8 +313,7 @@ where
             ecdsa::SigningKey::<C>::from_pkcs8_der(ecdsa_keys.private_key_to_der()?.as_bytes())
                 .map_err(|e| {
                     SigstoreError::PKCS8Error(format!(
-                        "Convert from pkcs8 der to ecdsa private key failed: {}",
-                        e,
+                        "Convert from pkcs8 der to ecdsa private key failed: {e}"
                     ))
                 })?;
 

diff --git a/src/crypto/signing_key/ed25519.rs b/src/crypto/signing_key/ed25519.rs
@@ -94,8 +94,7 @@ impl Ed25519Keys {
         let key_pair_bytes = KeypairBytes::from_bytes(&key_pair.to_bytes());
         let public_key_bytes = PublicKeyBytes::try_from(&key_pair_bytes).map_err(|e| {
             SigstoreError::PKCS8SpkiError(format!(
-                "ED25519 convert from keypair to public key failed: {}",
-                e
+                "ED25519 convert from keypair to public key failed: {e}"
             ))
         })?;
         Ok(Self {
@@ -120,19 +119,17 @@ impl Ed25519Keys {
             COSIGN_PRIVATE_KEY_PEM_LABEL | SIGSTORE_PRIVATE_KEY_PEM_LABEL => {
                 let der = kdf::decrypt(&key.contents, password)?;
                 let pkcs8 = pkcs8::PrivateKeyInfo::try_from(&der[..]).map_err(|e| {
-                    SigstoreError::PKCS8Error(format!("Read PrivateKeyInfo failed: {}", e))
+                    SigstoreError::PKCS8Error(format!("Read PrivateKeyInfo failed: {e}"))
                 })?;
                 let key_pair_bytes = KeypairBytes::try_from(pkcs8).map_err(|e| {
                     SigstoreError::PKCS8Error(format!(
-                        "Convert from pkcs8 pem to ed25519 private key failed: {}",
-                        e,
+                        "Convert from pkcs8 pem to ed25519 private key failed: {e}"
                     ))
                 })?;
                 Self::from_key_pair_bytes(key_pair_bytes)
             }
             tag => Err(SigstoreError::PrivateKeyDecryptError(format!(
-                "Unsupported pem tag {}",
-                tag
+                "Unsupported pem tag {tag}"
             ))),
         }
     }
@@ -147,20 +144,18 @@ impl Ed25519Keys {
         match label {
             PRIVATE_KEY_PEM_LABEL => {
                 let pkcs8 = pkcs8::PrivateKeyInfo::try_from(document.as_bytes()).map_err(|e| {
-                    SigstoreError::PKCS8Error(format!("Read PrivateKeyInfo failed: {}", e))
+                    SigstoreError::PKCS8Error(format!("Read PrivateKeyInfo failed: {e}"))
                 })?;
                 let key_pair_bytes = KeypairBytes::try_from(pkcs8).map_err(|e| {
                     SigstoreError::PKCS8Error(format!(
-                        "Convert from pkcs8 pem to ed25519 private key failed: {}",
-                        e,
+                        "Convert from pkcs8 pem to ed25519 private key failed: {e}"
                     ))
                 })?;
                 Self::from_key_pair_bytes(key_pair_bytes)
             }
 
             tag => Err(SigstoreError::PrivateKeyDecryptError(format!(
-                "Unsupported pem tag {}",
-                tag
+                "Unsupported pem tag {tag}"
             ))),
         }
     }
@@ -169,8 +164,7 @@ impl Ed25519Keys {
     pub fn from_der(der_bytes: &[u8]) -> Result<Self> {
         let key_pair_bytes = KeypairBytes::from_pkcs8_der(der_bytes).map_err(|e| {
             SigstoreError::PKCS8Error(format!(
-                "Convert from pkcs8 der to ed25519 private key failed: {}",
-                e,
+                "Convert from pkcs8 der to ed25519 private key failed: {e}"
             ))
         })?;
         Self::from_key_pair_bytes(key_pair_bytes)
@@ -180,8 +174,7 @@ impl Ed25519Keys {
     fn from_key_pair_bytes(key_pair_bytes: KeypairBytes) -> Result<Self> {
         let public_key_bytes = PublicKeyBytes::try_from(&key_pair_bytes).map_err(|e| {
             SigstoreError::PKCS8SpkiError(format!(
-                "ED25519 convert from keypair to public key failed: {}",
-                e,
+                "ED25519 convert from keypair to public key failed: {e}"
             ))
         })?;
         let key_pair = ed25519_dalek_fiat::Keypair::from_bytes(
@@ -280,8 +273,7 @@ impl Ed25519Signer {
             })?);
         let public_key_bytes = PublicKeyBytes::try_from(&key_pair_bytes).map_err(|e| {
             SigstoreError::PKCS8SpkiError(format!(
-                "ED25519 convert from keypair to public key failed: {}",
-                e,
+                "ED25519 convert from keypair to public key failed: {e}"
             ))
         })?;
 

diff --git a/src/crypto/signing_key/rsa/keypair.rs b/src/crypto/signing_key/rsa/keypair.rs
@@ -94,20 +94,18 @@ impl RSAKeys {
             COSIGN_PRIVATE_KEY_PEM_LABEL | SIGSTORE_PRIVATE_KEY_PEM_LABEL => {
                 let der = kdf::decrypt(&key.contents, password)?;
                 let pkcs8 = pkcs8::PrivateKeyInfo::try_from(&der[..]).map_err(|e| {
-                    SigstoreError::PKCS8Error(format!("Read PrivateKeyInfo failed: {}", e))
+                    SigstoreError::PKCS8Error(format!("Read PrivateKeyInfo failed: {e}"))
                 })?;
                 let private_key = RsaPrivateKey::try_from(pkcs8).map_err(|e| {
                     SigstoreError::PKCS8Error(format!(
-                        "Convert from pkcs8 pem to rsa private key failed: {}",
-                        e,
+                        "Convert from pkcs8 pem to rsa private key failed: {e}"
                     ))
                 })?;
                 Ok(Self::from(private_key))
             }
 
             tag => Err(SigstoreError::PrivateKeyDecryptError(format!(
-                "Unsupported pem tag {}",
-                tag
+                "Unsupported pem tag {tag}"
             ))),
         }
     }
@@ -122,12 +120,11 @@ impl RSAKeys {
         match label {
             PRIVATE_KEY_PEM_LABEL => {
                 let pkcs8 = pkcs8::PrivateKeyInfo::try_from(document.as_bytes()).map_err(|e| {
-                    SigstoreError::PKCS8Error(format!("Read PrivateKeyInfo failed: {}", e))
+                    SigstoreError::PKCS8Error(format!("Read PrivateKeyInfo failed: {e}"))
                 })?;
                 let private_key = RsaPrivateKey::try_from(pkcs8).map_err(|e| {
                     SigstoreError::PKCS8Error(format!(
-                        "Convert from pkcs8 pem to rsa private key failed: {}",
-                        e,
+                        "Convert from pkcs8 pem to rsa private key failed: {e}"
                     ))
                 })?;
                 Ok(Self::from(private_key))
@@ -139,8 +136,7 @@ impl RSAKeys {
             }
 
             tag => Err(SigstoreError::PrivateKeyDecryptError(format!(
-                "Unsupported pem tag {}",
-                tag
+                "Unsupported pem tag {tag}"
             ))),
         }
     }
@@ -149,8 +145,7 @@ impl RSAKeys {
     pub fn from_der(der_bytes: &[u8]) -> Result<Self> {
         let private_key = RsaPrivateKey::from_pkcs8_der(der_bytes).map_err(|e| {
             SigstoreError::PKCS8Error(format!(
-                "Convert from pkcs8 der to rsa private key failed: {}",
-                e,
+                "Convert from pkcs8 der to rsa private key failed: {e}"
             ))
         })?;
         Ok(Self::from(private_key))

diff --git a/src/crypto/verification_key.rs b/src/crypto/verification_key.rs
@@ -105,8 +105,7 @@ impl CosignVerificationKey {
                 CosignVerificationKey::RSA_PSS_SHA256(pss::VerifyingKey::new(
                     rsa::RsaPublicKey::from_public_key_der(der_data).map_err(|e| {
                         SigstoreError::PKCS8SpkiError(format!(
-                            "read rsa public key from der failed: {}",
-                            e
+                            "read rsa public key from der failed: {e}"
                         ))
                     })?,
                 ))
@@ -115,8 +114,7 @@ impl CosignVerificationKey {
                 CosignVerificationKey::RSA_PSS_SHA384(pss::VerifyingKey::new(
                     rsa::RsaPublicKey::from_public_key_der(der_data).map_err(|e| {
                         SigstoreError::PKCS8SpkiError(format!(
-                            "read rsa public key from der failed: {}",
-                            e
+                            "read rsa public key from der failed: {e}"
                         ))
                     })?,
                 ))
@@ -125,8 +123,7 @@ impl CosignVerificationKey {
                 CosignVerificationKey::RSA_PSS_SHA512(pss::VerifyingKey::new(
                     rsa::RsaPublicKey::from_public_key_der(der_data).map_err(|e| {
                         SigstoreError::PKCS8SpkiError(format!(
-                            "read rsa public key from der failed: {}",
-                            e
+                            "read rsa public key from der failed: {e}"
                         ))
                     })?,
                 ))
@@ -135,8 +132,7 @@ impl CosignVerificationKey {
                 CosignVerificationKey::RSA_PKCS1_SHA256(pkcs1v15::VerifyingKey::new_with_prefix(
                     rsa::RsaPublicKey::from_public_key_der(der_data).map_err(|e| {
                         SigstoreError::PKCS8SpkiError(format!(
-                            "read rsa public key from der failed: {}",
-                            e
+                            "read rsa public key from der failed: {e}"
                         ))
                     })?,
                 ))
@@ -145,8 +141,7 @@ impl CosignVerificationKey {
                 CosignVerificationKey::RSA_PKCS1_SHA384(pkcs1v15::VerifyingKey::new_with_prefix(
                     rsa::RsaPublicKey::from_public_key_der(der_data).map_err(|e| {
                         SigstoreError::PKCS8SpkiError(format!(
-                            "read rsa public key from der failed: {}",
-                            e
+                            "read rsa public key from der failed: {e}"
                         ))
                     })?,
                 ))
@@ -155,25 +150,22 @@ impl CosignVerificationKey {
                 CosignVerificationKey::RSA_PKCS1_SHA512(pkcs1v15::VerifyingKey::new_with_prefix(
                     rsa::RsaPublicKey::from_public_key_der(der_data).map_err(|e| {
                         SigstoreError::PKCS8SpkiError(format!(
-                            "read rsa public key from der failed: {}",
-                            e
+                            "read rsa public key from der failed: {e}"
                         ))
                     })?,
                 ))
             }
             SigningScheme::ECDSA_P256_SHA256_ASN1 => CosignVerificationKey::ECDSA_P256_SHA256_ASN1(
                 ecdsa::VerifyingKey::from_public_key_der(der_data).map_err(|e| {
                     SigstoreError::PKCS8SpkiError(format!(
-                        "Ecdsa-P256 from der bytes to public key failed: {}",
-                        e,
+                        "Ecdsa-P256 from der bytes to public key failed: {e}"
                     ))
                 })?,
             ),
             SigningScheme::ECDSA_P384_SHA384_ASN1 => CosignVerificationKey::ECDSA_P384_SHA384_ASN1(
                 ecdsa::VerifyingKey::from_public_key_der(der_data).map_err(|e| {
                     SigstoreError::PKCS8SpkiError(format!(
-                        "Ecdsa-P384 from der bytes to public key failed: {}",
-                        e,
+                        "Ecdsa-P384 from der bytes to public key failed: {e}"
                     ))
                 })?,
             ),

diff --git a/src/errors.rs b/src/errors.rs
@@ -143,7 +143,7 @@ pub enum SigstoreError {
     SigstoreNoVerifiedLayer,
 
     #[error(transparent)]
-    TufError(#[from] tough::error::Error),
+    TufError(#[from] Box<tough::error::Error>),
 
     #[error("TUF target {0} not found inside of repository")]
     TufTargetNotFoundError(String),

diff --git a/src/fulcio/oauth.rs b/src/fulcio/oauth.rs
@@ -96,7 +96,7 @@ impl OauthTokenProvider {
                     url.0,
                 );
             }
-            Err(e) => println!("{}", e),
+            Err(e) => println!("{e}"),
         }
 
         let oidc_url = oidc_url?;

diff --git a/src/oauth/openidflow.rs b/src/oauth/openidflow.rs
@@ -234,12 +234,12 @@ impl RedirectListener {
                         .nth(1)
                         .ok_or(SigstoreError::RedirectUrlRequestLineError)?;
                     let url =
-                        Url::parse(format!("http://localhost{}", client_redirect_host).as_str())?;
+                        Url::parse(format!("http://localhost{client_redirect_host}").as_str())?;
 
                     let code_pair = url
                         .query_pairs()
                         .find(|pair| {
-                            let &(ref key, _) = pair;
+                            let (key, _) = pair;
                             key == "code"
                         })
                         .ok_or(SigstoreError::CodePairError)?;
-Original file line number
+Diff line change
@@ Expand Up / @@ -96,7 +96,7 @@ impl OauthTokenProvider { @@
                         url.0,
                     );
                 }
-                Err(e) => println!("{}", e),
+                Err(e) => println!("{e}"),
             }
             let oidc_url = oidc_url?;
@@ Expand Down @@