Cargo fmt

quexten · quexten · commit 55629fff8c2a · 2025-06-20T20:06:18.000+02:00
diff --git a/crates/bitwarden-core/src/client/encryption_settings.rs b/crates/bitwarden-core/src/client/encryption_settings.rs
@@ -1,4 +1,4 @@
-use bitwarden_crypto::security_state::SignedSecurityState;
+use bitwarden_crypto::{security_state::SignedSecurityState, CryptoError};
 #[cfg(feature = "internal")]
 use bitwarden_crypto::{EncString, UnsignedSharedKey};
 #[cfg(any(feature = "internal", feature = "secrets"))]
@@ -8,8 +8,6 @@ use thiserror::Error;
 #[cfg(any(feature = "internal", feature = "secrets"))]
 use uuid::Uuid;
 
-use bitwarden_crypto::CryptoError;
-
 #[cfg(any(feature = "internal", feature = "secrets"))]
 use crate::key_management::{KeyIds, SymmetricKeyId};
 use crate::{error::UserIdAlreadySetError, MissingPrivateKeyError, VaultLockedError};
@@ -64,9 +62,10 @@ impl EncryptionSettings {
 
         use crate::key_management::{AsymmetricKeyId, SymmetricKeyId};
 
-        // This is an all-or-nothing check. The server cannot pretend a signing key or security state to be missing, because they are *always* present when the
-        // user key is an XChaCha20Poly1305Key. Thus, the server or network cannot lie about the presence of these, because otherwise the entire user account will
-        // fail to decrypt.
+        // This is an all-or-nothing check. The server cannot pretend a signing key or security
+        // state to be missing, because they are *always* present when the user key is an
+        // XChaCha20Poly1305Key. Thus, the server or network cannot lie about the presence of these,
+        // because otherwise the entire user account will fail to decrypt.
         let is_v2_user = if let SymmetricCryptoKey::XChaCha20Poly1305Key(_) = user_key {
             true
         } else {
@@ -113,8 +112,8 @@ impl EncryptionSettings {
             let private_key = {
                 let dec: Vec<u8> = private_key.decrypt_with_key(&user_key)?;
 
-                // FIXME: [PM-11690] - Temporarily ignore invalid private keys until we have a recovery
-                // process in place.
+                // FIXME: [PM-11690] - Temporarily ignore invalid private keys until we have a
+                // recovery process in place.
                 AsymmetricCryptoKey::from_der(&dec)
                     .map_err(|_| {
                         warn!("Invalid private key");
diff --git a/crates/bitwarden-crypto/src/lib.rs b/crates/bitwarden-crypto/src/lib.rs
@@ -34,8 +34,8 @@ mod store;
 pub use store::{KeyStore, KeyStoreContext};
 mod cose;
 pub use cose::CoseSerializable;
-/// The `SecurityState` module provides functionality to cryptographically attest to which features are allowed to be used for
-/// a user.
+/// The `SecurityState` module provides functionality to cryptographically attest to which features
+/// are allowed to be used for a user.
 pub mod security_state;
 mod signing;
 pub use signing::*;
diff --git a/crates/bitwarden-crypto/src/security_state.rs b/crates/bitwarden-crypto/src/security_state.rs
@@ -1,20 +1,24 @@
-//! Security state is a signed object that attests to a user's (or later an organization's) security state.
-//! The security goal is to prevent downgrades of specific features within the user's account by the server / a
-//! networked attacker with TLS introspection access.
+//! Security state is a signed object that attests to a user's (or later an organization's) security
+//! state. The security goal is to prevent downgrades of specific features within the user's account
+//! by the server / a networked attacker with TLS introspection access.
 //!
-//! A security state contains a security version. Based on this version, features can be disabled. Since the server cannot
-//! sign a security state, it can no longer downgrade the feature, because it cannot produce an arbitrary valid signed security state.
+//! A security state contains a security version. Based on this version, features can be disabled.
+//! Since the server cannot sign a security state, it can no longer downgrade the feature, because
+//! it cannot produce an arbitrary valid signed security state.
 //!
-//! Note: A long-term compromised server can record the security state of a user, and then replay this specific state, or the entire account
-//! to downgrade users to previous states. This can be prevented per logged in session by the client, and for bootstrapping a client by
+//! Note: A long-term compromised server can record the security state of a user, and then replay
+//! this specific state, or the entire account to downgrade users to previous states. This can be
+//! prevented per logged in session by the client, and for bootstrapping a client by
 //! using an extended login-with-device protocol.
 //!
 //! To utilize the security state to disable a feature the following steps are taken:
 //! 1. Assume: Feature with format version A is insecure, and cannot be changed by simple mutation
 //! 2. A new, safe format version B is introduced, and an upgrade path created
 //! 3. The upgrade path is made mandatory
-//! 4. After upgrades are run, the sdk validates that all items are in format version B, and the security state can be updated to contain the security version N+1
-//! 5. The client, given a security state with security version N+1 will reject all items that are in format version A.
+//! 4. After upgrades are run, the sdk validates that all items are in format version B, and the
+//!    security state can be updated to contain the security version N+1
+//! 5. The client, given a security state with security version N+1 will reject all items that are
+//!    in format version A.
 
 use std::str::FromStr;
 
@@ -34,8 +38,9 @@ export type SignedSecurityState = string;
 
 /// The security state is a signed object attesting to the security state of a user.
 ///
-/// It contains a version, which can only ever increment. Based on the version, old formats and features are blocked. This prevents a server from downgrading
-/// a user's account features, because only the user can create this signed object.
+/// It contains a version, which can only ever increment. Based on the version, old formats and
+/// features are blocked. This prevents a server from downgrading a user's account features, because
+/// only the user can create this signed object.
 #[derive(Serialize, Deserialize)]
 #[serde(rename_all = "camelCase")]
 pub struct SecurityState {
