Switch to edition 2024

Cargo.toml

@@ -11,7 +11,7 @@ members = ["authenticode", "authenticode-tool", "xtask"]
 resolver = "2"
 
 [workspace.package]
-edition = "2021"
+edition = "2024"
 license = "MIT OR Apache-2.0"
 repository = "https://github.com/google/authenticode-rs"
 rust-version = "1.85"

authenticode-tool/src/main.rs

@@ -8,7 +8,7 @@
 
 #![forbid(unsafe_code)]
 
-use anyhow::{anyhow, bail, Result};
+use anyhow::{Result, anyhow, bail};
 use authenticode::{
     AttributeCertificateIterator, AuthenticodeSignature, PeTrait,
 };
@@ -162,10 +162,12 @@ mod tests {
     #[test]
     fn test_action_info() {
         // Error: bad path.
-        assert!(run_action(&Action::Info {
-            pe_path: "../authenticode/tests/testdata/bad.efi".into(),
-        })
-        .is_err());
+        assert!(
+            run_action(&Action::Info {
+                pe_path: "../authenticode/tests/testdata/bad.efi".into(),
+            })
+            .is_err()
+        );
 
         // Success, no signatures.
         run_action(&Action::Info {
@@ -189,36 +191,46 @@ mod tests {
     #[test]
     fn test_action_get_cert() {
         // Error: bad path.
-        assert!(run_action(&Action::GetCert(GetCertAction {
-            pe_path: "../authenticode/tests/testdata/bad.efi".into(),
-            sig_index: 0,
-            cert_index: 0,
-        }))
-        .is_err());
+        assert!(
+            run_action(&Action::GetCert(GetCertAction {
+                pe_path: "../authenticode/tests/testdata/bad.efi".into(),
+                sig_index: 0,
+                cert_index: 0,
+            }))
+            .is_err()
+        );
 
         // Error: no signatures.
-        assert!(run_action(&Action::GetCert(GetCertAction {
-            pe_path: "../authenticode/tests/testdata/tiny64.efi".into(),
-            sig_index: 0,
-            cert_index: 0,
-        }))
-        .is_err());
+        assert!(
+            run_action(&Action::GetCert(GetCertAction {
+                pe_path: "../authenticode/tests/testdata/tiny64.efi".into(),
+                sig_index: 0,
+                cert_index: 0,
+            }))
+            .is_err()
+        );
 
         // Error: invalid signature index.
-        assert!(run_action(&Action::GetCert(GetCertAction {
-            pe_path: "../authenticode/tests/testdata/tiny64.signed.efi".into(),
-            sig_index: 1,
-            cert_index: 0,
-        }))
-        .is_err());
+        assert!(
+            run_action(&Action::GetCert(GetCertAction {
+                pe_path: "../authenticode/tests/testdata/tiny64.signed.efi"
+                    .into(),
+                sig_index: 1,
+                cert_index: 0,
+            }))
+            .is_err()
+        );
 
         // Error: invalid certificate index.
-        assert!(run_action(&Action::GetCert(GetCertAction {
-            pe_path: "../authenticode/tests/testdata/tiny64.signed.efi".into(),
-            sig_index: 0,
-            cert_index: 1,
-        }))
-        .is_err());
+        assert!(
+            run_action(&Action::GetCert(GetCertAction {
+                pe_path: "../authenticode/tests/testdata/tiny64.signed.efi"
+                    .into(),
+                sig_index: 0,
+                cert_index: 1,
+            }))
+            .is_err()
+        );
 
         // Success, 32-bit.
         run_action(&Action::GetCert(GetCertAction {

authenticode/src/lib.rs

@@ -48,8 +48,8 @@ pub use authenticode_digest::authenticode_digest;
 pub use pe::{PeOffsetError, PeOffsets, PeTrait};
 pub use signature::{
     AuthenticodeSignature, AuthenticodeSignatureParseError, DigestInfo,
-    SpcAttributeTypeAndOptionalValue, SpcIndirectDataContent,
-    SPC_INDIRECT_DATA_OBJID,
+    SPC_INDIRECT_DATA_OBJID, SpcAttributeTypeAndOptionalValue,
+    SpcIndirectDataContent,
 };
 pub use win_cert::{
     AttributeCertificate, AttributeCertificateAuthenticodeError,

authenticode/src/pe_object.rs

@@ -10,10 +10,10 @@ use crate::pe::{PeOffsetError, PeOffsets, PeTrait};
 use crate::usize_from_u32;
 use core::mem;
 use core::ops::Range;
-use object::pe::{ImageDataDirectory, IMAGE_DIRECTORY_ENTRY_SECURITY};
+use object::pe::{IMAGE_DIRECTORY_ENTRY_SECURITY, ImageDataDirectory};
 use object::read::pe::ImageOptionalHeader;
 use object::read::pe::{ImageNtHeaders, PeFile};
-use object::{pod, LittleEndian, SectionIndex};
+use object::{LittleEndian, SectionIndex, pod};
 
 impl<'data, I> PeTrait for PeFile<'data, I>
 where

authenticode/src/signature.rs

@@ -10,8 +10,8 @@ use cms::content_info::CmsVersion;
 use cms::content_info::ContentInfo;
 use cms::signed_data::{SignedData, SignerInfo};
 use core::fmt::{self, Display, Formatter};
-use der::asn1::{ObjectIdentifier, OctetString};
 use der::Decode;
+use der::asn1::{ObjectIdentifier, OctetString};
 use der::{Sequence, SliceReader};
 use x509_cert::Certificate;
 

authenticode/src/win_cert.rs

@@ -6,8 +6,8 @@
 // option. This file may not be copied, modified, or distributed
 // except according to those terms.
 
-use crate::usize_from_u32;
 use crate::PeTrait;
+use crate::usize_from_u32;
 use crate::{AuthenticodeSignature, AuthenticodeSignatureParseError};
 use core::fmt::{self, Display, Formatter};
 
@@ -59,10 +59,16 @@ impl Display for AttributeCertificateError {
                 write!(f, "certificate table range is out of bounds")
             }
             Self::InvalidSize => {
-                write!(f, "certificate table size does not match the sum of the certificate entry's aligned sizes")
+                write!(
+                    f,
+                    "certificate table size does not match the sum of the certificate entry's aligned sizes"
+                )
             }
             Self::InvalidCertificateSize { size } => {
-                write!(f, "certificate table contains an entry with an invalid size: {size}")
+                write!(
+                    f,
+                    "certificate table contains an entry with an invalid size: {size}"
+                )
             }
         }
     }

authenticode/tests/test_authenticode.rs

@@ -19,8 +19,8 @@ use core::slice;
 use digest::{Digest, Update};
 use object::endian::LittleEndian as LE;
 use object::pe::{
-    ImageDataDirectory, ImageFileHeader, ImageOptionalHeader64,
-    IMAGE_DIRECTORY_ENTRY_SECURITY,
+    IMAGE_DIRECTORY_ENTRY_SECURITY, ImageDataDirectory, ImageFileHeader,
+    ImageOptionalHeader64,
 };
 use object::read::pe::{PeFile32, PeFile64};
 use sha1::Sha1;
@@ -127,20 +127,26 @@ fn check_exe(pe: &dyn PeTrait, expected: Expected) {
 fn test_authenticode32() {
     let pe = include_bytes!("testdata/tiny32.signed.efi");
     let pe64 = PeFile32::parse(pe.as_slice()).unwrap();
-    check_exe(&pe64, Expected {
-        sha1: "49f239f1cd5083912880e03982bb54528f2c358d",
-        sha256: "4f5b3633fc51d9447beb5c546e9ae6e58d6eb42d1e96d623dc168d97013c08a8",
-    });
+    check_exe(
+        &pe64,
+        Expected {
+            sha1: "49f239f1cd5083912880e03982bb54528f2c358d",
+            sha256: "4f5b3633fc51d9447beb5c546e9ae6e58d6eb42d1e96d623dc168d97013c08a8",
+        },
+    );
 }
 
 #[test]
 fn test_authenticode64() {
     let pe = include_bytes!("testdata/tiny64.signed.efi");
     let pe64 = PeFile64::parse(pe.as_slice()).unwrap();
-    check_exe(&pe64, Expected {
-        sha1: "e9bdfb63bdf687b8d3bf144033fcb09d7a393563",
-        sha256: "a82d7e4f091c44ec75d97746b3461c8ea9151e2313f8e9a4330432ee5f25b2ae",
-    });
+    check_exe(
+        &pe64,
+        Expected {
+            sha1: "e9bdfb63bdf687b8d3bf144033fcb09d7a393563",
+            sha256: "a82d7e4f091c44ec75d97746b3461c8ea9151e2313f8e9a4330432ee5f25b2ae",
+        },
+    );
 }
 
 fn modify_image_security_data_dir<F>(f: F) -> Vec<u8>