Evidence::decode from Read + build and clippy fixes

src/main.rs

@@ -5,7 +5,7 @@ use ccatoken::store::{
 use ccatoken::token;
 use clap::Parser;
 use ear::claim::TRUSTWORTHY_INSTANCE;
-use ear::{TrustTier, TrustVector};
+use ear::TrustVector;
 use serde_json::value::RawValue;
 use std::error::Error;
 use std::fs;
@@ -104,9 +104,7 @@ fn appraise(args: &AppraiseArgs) -> Result<(TrustVector, TrustVector), Box<dyn E
     let mut rvs: MemoRefValueStore = Default::default();
     rvs.load_json(&j)?;
 
-    let c: Vec<u8> = fs::read(&args.evidence)?;
-
-    let mut e: token::Evidence = token::Evidence::decode(&c)?;
+    let mut e: token::Evidence = token::Evidence::decode(fs::File::open(&args.evidence)?)?;
 
     e.appraise(&rvs)?;
 
@@ -119,32 +117,15 @@ fn verify(args: &VerifyArgs) -> Result<(TrustVector, TrustVector), Box<dyn Error
     let mut tas: MemoTrustAnchorStore = Default::default();
     tas.load_json(&j)?;
 
-    let c: Vec<u8> = fs::read(&args.evidence)?;
-
-    let mut e: token::Evidence = token::Evidence::decode(&c)?;
+    let mut e: token::Evidence = token::Evidence::decode(fs::File::open(&args.evidence)?)?;
 
     e.verify(&tas)?;
 
     Ok(e.get_trust_vectors())
 }
 
-fn trust_vector_status(tv: TrustVector) -> TrustTier {
-    let mut status = TrustTier::None;
-
-    for claim in tv {
-        let claim_tier = claim.tier();
-        if status < claim_tier {
-            status = claim_tier
-        }
-    }
-
-    status
-}
-
 fn golden(args: &GoldenArgs) -> Result<(), Box<dyn Error>> {
-    let c: Vec<u8> = fs::read(&args.evidence)?;
-
-    let mut e: token::Evidence = token::Evidence::decode(&c)?;
+    let mut e: token::Evidence = token::Evidence::decode(fs::File::open(&args.evidence)?)?;
 
     let j = fs::read_to_string(&args.cpak)?;
 

src/store/memo_trustanchorstore.rs

@@ -1,10 +1,9 @@
-// Copyright 2023 Contributors to the Veraison project.
+// Copyright 2023-2025 Contributors to the Veraison project.
 // SPDX-License-Identifier: Apache-2.0
 
 use super::cpak::Cpak;
 use super::errors::Error;
 use super::ITrustAnchorStore;
-use jsonwebtoken::jwk;
 use std::collections::HashMap;
 use std::sync::RwLock;
 
@@ -54,6 +53,8 @@ impl ITrustAnchorStore for MemoTrustAnchorStore {
 #[cfg(test)]
 mod tests {
     use super::*;
+    use jsonwebtoken::jwk;
+
     const TEST_JSON_TA_OK_0: &str = include_str!("../../testdata/ta.json");
     const TEST_INST_ID_0: &[u8; 33] = include_bytes!("../../testdata/inst-id.bin");
     const TEST_IMPL_ID_0: &[u8; 32] = include_bytes!("../../testdata/impl-id.bin");

src/token/base64.rs

@@ -75,8 +75,7 @@ impl<'de> Deserialize<'de> for Bytes {
 
 struct BytesVisitor;
 
-#[allow(clippy::needless_lifetimes)]
-impl<'de> Visitor<'de> for BytesVisitor {
+impl Visitor<'_> for BytesVisitor {
     type Value = Bytes;
 
     fn expecting(&self, formatter: &mut std::fmt::Formatter) -> std::fmt::Result {

src/token/evidence.rs

@@ -1,4 +1,4 @@
-// Copyright 2023 Contributors to the Veraison project.
+// Copyright 2023-2025 Contributors to the Veraison project.
 // SPDX-License-Identifier: Apache-2.0
 
 use super::base64;
@@ -69,8 +69,8 @@ impl CBORCollection {
         Ok(())
     }
 
-    fn decode(buf: &Vec<u8>) -> Result<CBORCollection, Error> {
-        let v: Value = from_reader(buf.as_slice()).map_err(|e| Error::Syntax(e.to_string()))?;
+    fn decode<R: std::io::Read>(buf: R) -> Result<CBORCollection, Error> {
+        let v: Value = from_reader(buf).map_err(|e| Error::Syntax(e.to_string()))?;
 
         let mut collection = CBORCollection::new();
 
@@ -152,7 +152,7 @@ impl Evidence {
     }
 
     /// Decode a CBOR-encoded CCA Token and instantiate an Evidence object.
-    pub fn decode(buf: &Vec<u8>) -> Result<Evidence, Error> {
+    pub fn decode<R: std::io::Read>(buf: R) -> Result<Evidence, Error> {
         let collection = CBORCollection::decode(buf)?;
 
         let mut t = Evidence::new();
@@ -615,6 +615,7 @@ fn make_cose_key(cose_message: &CoseMessage, pkey: jwk::Jwk) -> Result<CoseKey,
     Ok(cose_key)
 }
 
+#[cfg(test)]
 mod tests {
     use super::*;
     use crate::store::{MemoRefValueStore, MemoTrustAnchorStore};
@@ -631,7 +632,7 @@ mod tests {
 
     #[test]
     fn decode_good_token() {
-        let r = Evidence::decode(&TEST_CCA_TOKEN_1_OK.to_vec());
+        let r = Evidence::decode(TEST_CCA_TOKEN_1_OK.as_slice());
 
         assert!(r.is_ok());
     }
@@ -643,7 +644,7 @@ mod tests {
             .expect("loading TEST_CCA_RVS_OK");
 
         let mut e =
-            Evidence::decode(&TEST_CCA_TOKEN_1_OK.to_vec()).expect("decoding TEST_CCA_TOKEN_1_OK");
+            Evidence::decode(TEST_CCA_TOKEN_1_OK.as_slice()).expect("decoding TEST_CCA_TOKEN_1_OK");
 
         e.appraise(&rvs)
             .expect("validation successful for both platform and realm");
@@ -671,7 +672,7 @@ mod tests {
     #[test]
     fn verify_legacy_token_ok() {
         let mut evidence =
-            Evidence::decode(&TEST_CCA_TOKEN_2_OK.to_vec()).expect("decoding TEST_CCA_TOKEN_2_OK");
+            Evidence::decode(TEST_CCA_TOKEN_2_OK.as_slice()).expect("decoding TEST_CCA_TOKEN_2_OK");
 
         let mut tas = MemoTrustAnchorStore::new();
         tas.load_json(TEST_TA_2_OK).expect("loading trust anchors");
@@ -693,7 +694,7 @@ mod tests {
     #[test]
     fn verify_legacy_token_error() {
         let mut evidence =
-            Evidence::decode(&TEST_CCA_TOKEN_2_OK.to_vec()).expect("decoding TEST_CCA_TOKEN_2_OK");
+            Evidence::decode(TEST_CCA_TOKEN_2_OK.as_slice()).expect("decoding TEST_CCA_TOKEN_2_OK");
 
         let mut tas = MemoTrustAnchorStore::new();
         tas.load_json(TEST_TA_2_BAD).expect("loading trust anchors");
@@ -721,7 +722,7 @@ mod tests {
 
     #[test]
     fn bug_33_regression() {
-        let mut evidence = Evidence::decode(&TEST_CCA_TOKEN_BUG_33.to_vec())
+        let mut evidence = Evidence::decode(TEST_CCA_TOKEN_BUG_33.as_slice())
             .expect("decoding TEST_CCA_TOKEN_BUG_33");
 
         let mut tas = MemoTrustAnchorStore::new();
@@ -737,7 +738,7 @@ mod tests {
 
     #[test]
     fn verify_draft_ffm_00_token_ok() {
-        let mut evidence = Evidence::decode(&TEST_CCA_TOKEN_DRAFT_FFM_00.to_vec())
+        let mut evidence = Evidence::decode(TEST_CCA_TOKEN_DRAFT_FFM_00.as_slice())
             .expect("decoding TEST_CCA_TOKEN_DRAFT_FFM_00");
 
         let mut tas = MemoTrustAnchorStore::new();

src/token/mod.rs

@@ -18,7 +18,7 @@
 //!
 //! const token: &[u8; 1222] = include_bytes!("../../testdata/cca-token-01.cbor");
 //!
-//! let mut e = Evidence::decode(&token.to_vec()).expect("decoding CCA token");
+//! let mut e = Evidence::decode(token.as_slice()).expect("decoding CCA token");
 //!
 //! const jta: &str = include_str!("../../testdata/ta.json");
 //! let mut tas = MemoTrustAnchorStore::new();

src/token/platform.rs

@@ -1,12 +1,12 @@
-// Copyright 2023 Contributors to the Veraison project.
+// Copyright 2023-2025 Contributors to the Veraison project.
 // SPDX-License-Identifier: Apache-2.0
+#![allow(unexpected_cfgs)] // fixes warning from bitmask! macro
 
 use super::common::*;
 use super::errors::Error;
 use bitmask::*;
 use ciborium::de::from_reader;
 use ciborium::Value;
-use hex_literal::hex;
 
 const SW_COMPONENT_MTYP: i128 = 1;
 const SW_COMPONENT_MVAL: i128 = 2;
@@ -497,6 +497,7 @@ impl Platform {
 #[cfg(test)]
 mod tests {
     use super::*;
+    use hex_literal::hex;
 
     #[test]
     fn platform_ok() {

src/token/realm.rs

@@ -1,5 +1,6 @@
-// Copyright 2023 Contributors to the Veraison project.
+// Copyright 2023-2025 Contributors to the Veraison project.
 // SPDX-License-Identifier: Apache-2.0
+#![allow(unexpected_cfgs)] // fixes warning from bitmask! macro
 
 use super::common::*;
 use super::errors::Error;
@@ -356,6 +357,7 @@ impl Realm {
     }
 }
 
+#[cfg(test)]
 mod tests {
     use super::*;
     use hex_literal::hex;