diff --git a/crates/protect-ffi/src/encrypt_config.rs b/crates/protect-ffi/src/encrypt_config.rs index a4547a9..60a8648 100644 --- a/crates/protect-ffi/src/encrypt_config.rs +++ b/crates/protect-ffi/src/encrypt_config.rs @@ -230,7 +230,7 @@ impl EncryptConfig { impl Column { /// Convert this column configuration into a [`ColumnConfig`]. - pub fn into_column_config(self, name: &String) -> ColumnConfig { + pub fn into_column_config(self, name: &str) -> ColumnConfig { let mut config = ColumnConfig::build(name.to_string()).casts_as(self.cast_as.into()); if let Some(opts) = self.indexes.unique_index { @@ -305,8 +305,8 @@ mod tests { }); let encrypt_config = parse(json); - let ident = Identifier::new("users", "email"); - let (column, cast_as) = encrypt_config.get(&ident).expect("column exists"); + let identifier = Identifier::new("users", "email"); + let (column, cast_as) = encrypt_config.get(&identifier).expect("column exists"); assert_eq!(column.cast_type, ColumnType::Utf8Str); assert_eq!(column.name, "email"); @@ -330,8 +330,8 @@ mod tests { }); let encrypt_config = parse(json); - let ident = Identifier::new("users", "email"); - let (column, cast_as) = encrypt_config.get(&ident).expect("column exists"); + let identifier = Identifier::new("users", "email"); + let (column, cast_as) = encrypt_config.get(&identifier).expect("column exists"); assert_eq!( column.indexes[0].index_type, @@ -366,8 +366,8 @@ mod tests { }); let encrypt_config = parse(json); - let ident = Identifier::new("users", "username"); - let (column, cast_as) = encrypt_config.get(&ident).expect("column exists"); + let identifier = Identifier::new("users", "username"); + let (column, cast_as) = encrypt_config.get(&identifier).expect("column exists"); assert_eq!( column.indexes[0].index_type, @@ -396,8 +396,8 @@ mod tests { }); let encrypt_config = parse(json); - let ident = Identifier::new("users", "age"); - let (column, cast_as) = encrypt_config.get(&ident).expect("column exists"); + let identifier = Identifier::new("users", "age"); + let (column, cast_as) = encrypt_config.get(&identifier).expect("column exists"); assert_eq!(column.indexes[0].index_type, IndexType::Ore); assert_eq!(*cast_as, CastAs::Int); @@ -420,8 +420,8 @@ mod tests { }); let encrypt_config = parse(json); - let ident = Identifier::new("users", "notes"); - let (column, cast_as) = encrypt_config.get(&ident).expect("column exists"); + let identifier = Identifier::new("users", "notes"); + let (column, cast_as) = encrypt_config.get(&identifier).expect("column exists"); assert_eq!( column.indexes[0].index_type, @@ -467,8 +467,8 @@ mod tests { }); let encrypt_config = parse(json); - let ident = Identifier::new("users", "description"); - let (column, cast_as) = encrypt_config.get(&ident).expect("column exists"); + let identifier = Identifier::new("users", "description"); + let (column, cast_as) = encrypt_config.get(&identifier).expect("column exists"); assert_eq!( column.indexes[0].index_type, @@ -503,8 +503,8 @@ mod tests { }); let encrypt_config = parse(json); - let ident = Identifier::new("documents", "content"); - let (column, cast_as) = encrypt_config.get(&ident).expect("column exists"); + let identifier = Identifier::new("documents", "content"); + let (column, cast_as) = encrypt_config.get(&identifier).expect("column exists"); assert_eq!( column.indexes[0].index_type, @@ -534,8 +534,8 @@ mod tests { }); let encrypt_config = parse(json); - let ident = Identifier::new("users", "profile"); - let (column, cast_as) = encrypt_config.get(&ident).expect("column exists"); + let identifier = Identifier::new("users", "profile"); + let (column, cast_as) = encrypt_config.get(&identifier).expect("column exists"); assert_eq!(column.indexes.len(), 2); diff --git a/crates/protect-ffi/src/lib.rs b/crates/protect-ffi/src/lib.rs index 6e382fa..e5caa00 100644 --- a/crates/protect-ffi/src/lib.rs +++ b/crates/protect-ffi/src/lib.rs @@ -180,22 +180,22 @@ struct ClientConfig { /// /// # Errors /// -/// Returns an error if the `config_str` is invalid JSON, contains unsupported +/// Returns an error if the `config_json` is invalid JSON, contains unsupported /// encryption options, or if the client cannot be initialized. /// /// # Safety /// -/// The caller must ensure `config_str` points to a valid null-terminated C string. +/// The caller must ensure `config_json` points to a valid null-terminated C string. /// The returned pointer must be freed using [`free_client()`]. #[no_mangle] pub extern "C" fn new_client( - config_str: *const c_char, + config_json: *const c_char, error_out: *mut *mut c_char, ) -> *mut Client { let result: Result, Error> = runtime().and_then(|rt| { rt.block_on(async { - let config_str = safe_ffi::c_str_to_string(config_str)?; - let encrypt_config = EncryptConfig::from_str(&config_str)?; + let config_json = safe_ffi::c_str_to_string(config_json)?; + let encrypt_config = EncryptConfig::from_str(&config_json)?; let client = new_client_inner(encrypt_config).await?; Ok(Box::new(client)) }) @@ -249,42 +249,42 @@ pub extern "C" fn encrypt( let result: Result = runtime().and_then(|rt| { rt.block_on(async { let client = safe_ffi::client_ref(client)?; - let plaintext_str = safe_ffi::c_str_to_string(plaintext)?; - let column_str = safe_ffi::c_str_to_string(column)?; - let table_str = safe_ffi::c_str_to_string(table)?; - let context_str = safe_ffi::optional_c_str_to_string(context_json)?; + let plaintext = safe_ffi::c_str_to_string(plaintext)?; + let column = safe_ffi::c_str_to_string(column)?; + let table = safe_ffi::c_str_to_string(table)?; + let context = safe_ffi::optional_c_str_to_string(context_json)?; - let encryption_context = if let Some(context) = context_str { + let encryption_context = if let Some(context) = context { parse_encryption_context(&context)? } else { Vec::new() }; - let ident = Identifier::new(table_str, column_str); + let identifier = Identifier::new(table, column); let (column_config, cast_as) = client .encrypt_config - .get(&ident) - .ok_or_else(|| Error::UnknownColumn(ident.clone()))?; + .get(&identifier) + .ok_or_else(|| Error::UnknownColumn(identifier.clone()))?; - let mut plaintext_target = plaintext_target::new(plaintext_str, column_config)?; + let mut plaintext_target = plaintext_target::new(plaintext, column_config)?; plaintext_target.context = encryption_context; let encrypted = - encrypt_inner(client.clone(), plaintext_target, &ident, cast_as, None).await?; + encrypt_inner(client.clone(), plaintext_target, &identifier, cast_as, None).await?; serde_json::to_string(&encrypted).map_err(Error::from) }) }); - handle_ffi_result!(result, error_out, |json_str| { - safe_ffi::string_to_c_str(json_str).unwrap_or(ptr::null_mut()) + handle_ffi_result!(result, error_out, |json_string| { + safe_ffi::string_to_c_str(json_string).unwrap_or(ptr::null_mut()) }) } async fn encrypt_inner( client: Client, plaintext_target: PlaintextTarget, - ident: &Identifier, + identifier: &Identifier, cast_as: &CastAs, service_token: Option, ) -> Result { @@ -300,7 +300,7 @@ async fn encrypt_inner( ) })?; - to_eql_encrypted(encrypted, ident, cast_as) + to_eql_encrypted(encrypted, identifier, cast_as) } /// Parses JSON encryption context into ZeroKMS context objects. @@ -311,8 +311,8 @@ fn parse_encryption_context(context_json: &str) -> Result, if let Some(identity_claim) = context.get("identity_claim") { if let Some(claims_array) = identity_claim.as_array() { for claim in claims_array { - if let Some(claim_str) = claim.as_str() { - encryption_context.push(zerokms::Context::new_identity_claim(claim_str)); + if let Some(claim) = claim.as_str() { + encryption_context.push(zerokms::Context::new_identity_claim(claim)); } } } @@ -321,8 +321,8 @@ fn parse_encryption_context(context_json: &str) -> Result, if let Some(tags) = context.get("tag") { if let Some(tags_array) = tags.as_array() { for tag in tags_array { - if let Some(tag_str) = tag.as_str() { - encryption_context.push(zerokms::Context::new_tag(tag_str)); + if let Some(tag) = tag.as_str() { + encryption_context.push(zerokms::Context::new_tag(tag)); } } } @@ -367,17 +367,17 @@ pub extern "C" fn decrypt( let result: Result = runtime().and_then(|rt| { rt.block_on(async { let client = safe_ffi::client_ref(client)?; - let ciphertext_str = safe_ffi::c_str_to_string(ciphertext)?; - let context_str = safe_ffi::optional_c_str_to_string(context_json)?; + let ciphertext = safe_ffi::c_str_to_string(ciphertext)?; + let context = safe_ffi::optional_c_str_to_string(context_json)?; - let encryption_context = if let Some(context) = context_str { + let encryption_context = if let Some(context) = context { parse_encryption_context(&context)? } else { Vec::new() }; let plaintext = - decrypt_inner(client.clone(), ciphertext_str, encryption_context, None).await?; + decrypt_inner(client.clone(), ciphertext, encryption_context, None).await?; Ok(plaintext) }) }); @@ -400,7 +400,7 @@ async fn decrypt_inner( .decrypt_single(encrypted_record, service_token) .await?; - plaintext_str_from_bytes(decrypted) + plaintext_from_bytes(decrypted) } fn encrypted_record_from_mp_base85( @@ -418,7 +418,7 @@ fn encrypted_record_from_mp_base85( }) } -fn plaintext_str_from_bytes(bytes: Vec) -> Result { +fn plaintext_from_bytes(bytes: Vec) -> Result { let plaintext = Plaintext::from_slice(bytes.as_slice())?; match plaintext { @@ -533,26 +533,26 @@ fn to_eql_encrypted( } /// Formats HMAC index bytes into hex-encoded string. -fn format_index_term_binary(bytes: &Vec) -> String { - hex::encode(bytes) +fn format_index_term_binary(index_bytes: &[u8]) -> String { + hex::encode(index_bytes) } /// Formats ORE index bytes into hex-encoded string. -fn format_index_term_ore_bytea(bytes: &Vec) -> String { - hex::encode(bytes) +fn format_index_term_ore_bytes(index_bytes: &[u8]) -> String { + hex::encode(index_bytes) } /// Formats ORE index array bytes into hex-encoded strings. -fn format_index_term_ore_array(vec_of_bytes: &[Vec]) -> Vec { - vec_of_bytes +fn format_index_term_ore_array(ore_byte_arrays: &[Vec]) -> Vec { + ore_byte_arrays .iter() - .map(format_index_term_ore_bytea) + .map(|index_bytes| format_index_term_ore_bytes(index_bytes)) .collect() } /// Formats ORE index bytes into a single-element hex-encoded string array. -fn format_index_term_ore(bytes: &Vec) -> Vec { - vec![format_index_term_ore_bytea(bytes)] +fn format_index_term_ore(index_bytes: &[u8]) -> Vec { + vec![format_index_term_ore_bytes(index_bytes)] } /// Bulk encryption request item containing plaintext data and metadata. @@ -613,29 +613,29 @@ pub extern "C" fn encrypt_bulk( let result: Result = runtime().and_then(|rt| { rt.block_on(async { let client = safe_ffi::client_ref(client)?; - let items_str = safe_ffi::c_str_to_string(items_json)?; - let items: Vec = serde_json::from_str(&items_str)?; + let items_json_string = safe_ffi::c_str_to_string(items_json)?; + let items: Vec = serde_json::from_str(&items_json_string)?; let mut plaintext_targets = Vec::new(); for item in items { - let encryption_context = if let Some(context_val) = item.context { - let context_str = serde_json::to_string(&context_val)?; - parse_encryption_context(&context_str)? + let encryption_context = if let Some(context_value) = item.context { + let context_json = serde_json::to_string(&context_value)?; + parse_encryption_context(&context_json)? } else { Vec::new() }; - let ident = Identifier::new(item.table, item.column); + let identifier = Identifier::new(item.table, item.column); let (column_config, cast_as) = client .encrypt_config - .get(&ident) - .ok_or_else(|| Error::UnknownColumn(ident.clone()))?; + .get(&identifier) + .ok_or_else(|| Error::UnknownColumn(identifier.clone()))?; let mut plaintext_target = plaintext_target::new(item.plaintext, column_config)?; plaintext_target.context = encryption_context; - plaintext_targets.push((plaintext_target, ident, *cast_as)); + plaintext_targets.push((plaintext_target, identifier, *cast_as)); } let encrypted_results = @@ -644,8 +644,8 @@ pub extern "C" fn encrypt_bulk( }) }); - handle_ffi_result!(result, error_out, |json_str| { - safe_ffi::string_to_c_str(json_str).unwrap_or(ptr::null_mut()) + handle_ffi_result!(result, error_out, |json_string| { + safe_ffi::string_to_c_str(json_string).unwrap_or(ptr::null_mut()) }) } @@ -717,15 +717,15 @@ pub extern "C" fn decrypt_bulk( let result: Result = runtime().and_then(|rt| { rt.block_on(async { let client = safe_ffi::client_ref(client)?; - let items_str = safe_ffi::c_str_to_string(items_json)?; - let items: Vec = serde_json::from_str(&items_str)?; + let items_json_string = safe_ffi::c_str_to_string(items_json)?; + let items: Vec = serde_json::from_str(&items_json_string)?; let mut ciphertexts = Vec::new(); for item in items { - let encryption_context = if let Some(context_val) = item.context { - let context_str = serde_json::to_string(&context_val)?; - parse_encryption_context(&context_str)? + let encryption_context = if let Some(context_value) = item.context { + let context_json = serde_json::to_string(&context_value)?; + parse_encryption_context(&context_json)? } else { Vec::new() }; @@ -738,8 +738,8 @@ pub extern "C" fn decrypt_bulk( }) }); - handle_ffi_result!(result, error_out, |json_str| { - safe_ffi::string_to_c_str(json_str).unwrap_or(ptr::null_mut()) + handle_ffi_result!(result, error_out, |json_string| { + safe_ffi::string_to_c_str(json_string).unwrap_or(ptr::null_mut()) }) } @@ -764,7 +764,7 @@ async fn decrypt_bulk_inner( let mut plaintexts: Vec = Vec::with_capacity(len); for item in decrypted { - plaintexts.push(plaintext_str_from_bytes(item)?); + plaintexts.push(plaintext_from_bytes(item)?); } Ok(plaintexts) @@ -794,30 +794,31 @@ pub extern "C" fn create_search_terms( let result: Result = runtime().and_then(|rt| { rt.block_on(async { let client = safe_ffi::client_ref(client)?; - let terms_str = safe_ffi::c_str_to_string(terms_json)?; - let terms: Vec = serde_json::from_str(&terms_str)?; + let terms_json = safe_ffi::c_str_to_string(terms_json)?; + let terms: Vec = serde_json::from_str(&terms_json)?; let mut search_terms_json = Vec::new(); for term in terms { - let encryption_context = if let Some(context_val) = term.context { - let context_str = serde_json::to_string(&context_val)?; - parse_encryption_context(&context_str)? + let encryption_context = if let Some(context_value) = term.context { + let context_json = serde_json::to_string(&context_value)?; + parse_encryption_context(&context_json)? } else { Vec::new() }; - let ident = Identifier::new(term.table, term.column); + let identifier = Identifier::new(term.table, term.column); let (column_config, cast_as) = client .encrypt_config - .get(&ident) - .ok_or_else(|| Error::UnknownColumn(ident.clone()))?; + .get(&identifier) + .ok_or_else(|| Error::UnknownColumn(identifier.clone()))?; let mut plaintext_target = plaintext_target::new(term.plaintext, column_config)?; plaintext_target.context = encryption_context; let encrypted = - encrypt_inner(client.clone(), plaintext_target, &ident, cast_as, None).await?; + encrypt_inner(client.clone(), plaintext_target, &identifier, cast_as, None) + .await?; let search_term_json = match encrypted { Encrypted::Ciphertext { @@ -863,8 +864,8 @@ pub extern "C" fn create_search_terms( }) }); - handle_ffi_result!(result, error_out, |json_str| { - safe_ffi::string_to_c_str(json_str).unwrap_or(ptr::null_mut()) + handle_ffi_result!(result, error_out, |json_string| { + safe_ffi::string_to_c_str(json_string).unwrap_or(ptr::null_mut()) }) } @@ -882,10 +883,10 @@ pub extern "C" fn free_client(client: *mut Client) { /// /// # Safety /// -/// The `s` pointer must have been returned by this library and not previously freed. +/// The `string` pointer must have been returned by this library and not previously freed. #[no_mangle] -pub extern "C" fn free_string(s: *mut c_char) { - safe_ffi::free_c_string(s); +pub extern "C" fn free_string(string: *mut c_char) { + safe_ffi::free_c_string(string); } #[cfg(test)] @@ -907,19 +908,19 @@ mod lib { ]; for error in errors { - let display_str = format!("{}", error); - assert!(!display_str.is_empty()); + let display_string = format!("{}", error); + assert!(!display_string.is_empty()); match error { - Error::NullPointer => assert!(display_str.contains("null pointer")), - Error::StringConversion(msg) => assert!(display_str.contains(&msg)), - Error::Runtime(msg) => assert!(display_str.contains(&msg)), - Error::Unimplemented(msg) => assert!(display_str.contains(&msg)), + Error::NullPointer => assert!(display_string.contains("null pointer")), + Error::StringConversion(msg) => assert!(display_string.contains(&msg)), + Error::Runtime(msg) => assert!(display_string.contains(&msg)), + Error::Unimplemented(msg) => assert!(display_string.contains(&msg)), Error::InvariantViolation(msg) => { - assert!(display_str.contains(&msg)); - assert!(display_str.contains("bug in protect-ffi")); + assert!(display_string.contains(&msg)); + assert!(display_string.contains("bug in protect-ffi")); } - Error::Base85(msg) => assert!(display_str.contains(&msg)), + Error::Base85(msg) => assert!(display_string.contains(&msg)), _ => {} } } @@ -1054,10 +1055,7 @@ mod lib { let mut error_ptr: *mut c_char = ptr::null_mut(); let error_out = &mut error_ptr as *mut *mut c_char; - let ciphertext = CString::new( - r#"{"k":"ct","c":"test","i":{"table":"users","column":"name"},"v":2}"#, - ) - .unwrap(); + let ciphertext = CString::new("test-ciphertext").unwrap(); let result = decrypt(ptr::null(), ciphertext.as_ptr(), ptr::null(), error_out); diff --git a/crates/protect-ffi/src/safe_ffi.rs b/crates/protect-ffi/src/safe_ffi.rs index 4704b22..6dddf8f 100644 --- a/crates/protect-ffi/src/safe_ffi.rs +++ b/crates/protect-ffi/src/safe_ffi.rs @@ -32,13 +32,13 @@ pub fn client_ref<'a>(client: *const Client) -> Result<&'a Client, Error> { /// # Safety /// /// The caller must ensure the pointer points to a valid null-terminated C string. -pub fn c_str_to_string(s: *const c_char) -> Result { - if s.is_null() { +pub fn c_str_to_string(c_string_ptr: *const c_char) -> Result { + if c_string_ptr.is_null() { Err(Error::NullPointer) } else { unsafe { - let c_str = CStr::from_ptr(s); - Ok(c_str.to_str()?.to_owned()) + let c_string = CStr::from_ptr(c_string_ptr); + Ok(c_string.to_str()?.to_owned()) } } } @@ -52,11 +52,11 @@ pub fn c_str_to_string(s: *const c_char) -> Result { /// # Safety /// /// If not null, the caller must ensure the pointer points to a valid null-terminated C string. -pub fn optional_c_str_to_string(s: *const c_char) -> Result, Error> { - if s.is_null() { +pub fn optional_c_str_to_string(c_string_ptr: *const c_char) -> Result, Error> { + if c_string_ptr.is_null() { Ok(None) } else { - Ok(Some(c_str_to_string(s)?)) + Ok(Some(c_str_to_string(c_string_ptr)?)) } } @@ -65,8 +65,8 @@ pub fn optional_c_str_to_string(s: *const c_char) -> Result, Erro /// # Errors /// /// Returns [`Error::StringConversion`] if the string contains null bytes. -pub fn string_to_c_str(s: String) -> Result<*mut c_char, Error> { - CString::new(s) +pub fn string_to_c_str(string: String) -> Result<*mut c_char, Error> { + CString::new(string) .map(|cs| cs.into_raw()) .map_err(|e| Error::StringConversion(e.to_string())) } @@ -89,10 +89,10 @@ pub fn free_boxed_client(client: *mut Client) { /// # Safety /// /// The caller must ensure the pointer was created by [`CString::into_raw`] and hasn't been freed. -pub fn free_c_string(s: *mut c_char) { - if !s.is_null() { +pub fn free_c_string(c_string_ptr: *mut c_char) { + if !c_string_ptr.is_null() { unsafe { - drop(CString::from_raw(s)); + drop(CString::from_raw(c_string_ptr)); } } } @@ -160,12 +160,12 @@ mod tests { #[test] fn test_c_str_to_string_valid() { - let test_str = "Hello, World!"; - let c_string = CString::new(test_str).unwrap(); - let c_ptr = c_string.as_ptr(); + let test_string = "Hello, World!"; + let c_string = CString::new(test_string).unwrap(); + let c_string_ptr = c_string.as_ptr(); - let result = c_str_to_string(c_ptr); - assert_eq!(result.unwrap(), test_str); + let result = c_str_to_string(c_string_ptr); + assert_eq!(result.unwrap(), test_string); } #[test] @@ -177,20 +177,20 @@ mod tests { #[test] fn test_c_str_to_string_invalid_utf8() { let invalid_bytes = [0xFF, 0xFE, 0x00]; // Invalid UTF-8 sequence + null terminator - let c_ptr = invalid_bytes.as_ptr() as *const c_char; + let c_string_ptr = invalid_bytes.as_ptr() as *const c_char; - let result = c_str_to_string(c_ptr); + let result = c_str_to_string(c_string_ptr); assert!(matches!(result, Err(Error::Utf8(_)))); } #[test] fn test_optional_c_str_to_string_valid() { - let test_str = "Optional string"; - let c_string = CString::new(test_str).unwrap(); - let c_ptr = c_string.as_ptr(); + let test_string = "Optional string"; + let c_string = CString::new(test_string).unwrap(); + let c_string_ptr = c_string.as_ptr(); - let result = optional_c_str_to_string(c_ptr); - assert_eq!(result.unwrap(), Some(test_str.to_string())); + let result = optional_c_str_to_string(c_string_ptr); + assert_eq!(result.unwrap(), Some(test_string.to_string())); } #[test] @@ -201,22 +201,22 @@ mod tests { #[test] fn test_string_to_c_str_valid() { - let test_str = "Test string".to_string(); - let result = string_to_c_str(test_str.clone()); + let test_string = "Test string".to_string(); + let result = string_to_c_str(test_string.clone()); assert!(result.is_ok()); - let c_ptr = result.unwrap(); + let c_string_ptr = result.unwrap(); - let restored = unsafe { CStr::from_ptr(c_ptr) }; - assert_eq!(restored.to_str().unwrap(), test_str); + let restored = unsafe { CStr::from_ptr(c_string_ptr) }; + assert_eq!(restored.to_str().unwrap(), test_string); - free_c_string(c_ptr); + free_c_string(c_string_ptr); } #[test] fn test_string_to_c_str_with_null_byte() { - let test_str = "String\0with\0nulls".to_string(); - let result = string_to_c_str(test_str); + let test_string = "String\0with\0nulls".to_string(); + let result = string_to_c_str(test_string); assert!(matches!(result, Err(Error::StringConversion(_)))); } @@ -234,9 +234,9 @@ mod tests { #[test] fn test_free_c_string_valid() { let c_string = CString::new("test").unwrap(); - let c_ptr = c_string.into_raw(); + let c_string_ptr = c_string.into_raw(); - free_c_string(c_ptr); + free_c_string(c_string_ptr); } #[test] @@ -282,8 +282,8 @@ mod tests { let error_out = &mut error_ptr as *mut *mut c_char; let result: Result = Ok("success".to_string()); - let output = handle_ffi_result!(result, error_out, |s| { - CString::new(s).unwrap().into_raw() + let output = handle_ffi_result!(result, error_out, |string| { + CString::new(string).unwrap().into_raw() }); assert!(!output.is_null()); @@ -298,8 +298,8 @@ mod tests { let error_out = &mut error_ptr as *mut *mut c_char; let result: Result = Err(Error::NullPointer); - let output = handle_ffi_result!(result, error_out, |s| { - CString::new(s).unwrap().into_raw() + let output = handle_ffi_result!(result, error_out, |string| { + CString::new(string).unwrap().into_raw() }); assert!(output.is_null()); diff --git a/include/protectphp.h b/include/protectphp.h index 3c8fd38..16d7eb7 100644 --- a/include/protectphp.h +++ b/include/protectphp.h @@ -9,7 +9,7 @@ #include typedef struct Client Client; -Client* new_client(const char* config_str, char** error_out); +Client* new_client(const char* config_json, char** error_out); char* encrypt(const Client* client, const char* plaintext, const char* column, const char* table, const char* context_json, char** error_out); char* decrypt(const Client* client, const char* ciphertext, const char* context_json, char** error_out); char* encrypt_bulk(const Client* client, const char* items_json, char** error_out); diff --git a/platforms/darwin-arm64/libprotect_ffi.dylib b/platforms/darwin-arm64/libprotect_ffi.dylib index b8ee7b1..c2f0971 100644 Binary files a/platforms/darwin-arm64/libprotect_ffi.dylib and b/platforms/darwin-arm64/libprotect_ffi.dylib differ diff --git a/platforms/darwin-x64/libprotect_ffi.dylib b/platforms/darwin-x64/libprotect_ffi.dylib index 09ded9d..a2f9471 100644 Binary files a/platforms/darwin-x64/libprotect_ffi.dylib and b/platforms/darwin-x64/libprotect_ffi.dylib differ diff --git a/platforms/linux-arm64-gnu/libprotect_ffi.so b/platforms/linux-arm64-gnu/libprotect_ffi.so index 98853b3..8b42ecf 100644 Binary files a/platforms/linux-arm64-gnu/libprotect_ffi.so and b/platforms/linux-arm64-gnu/libprotect_ffi.so differ diff --git a/platforms/linux-x64-gnu/libprotect_ffi.so b/platforms/linux-x64-gnu/libprotect_ffi.so index b2c7384..abe3f28 100644 Binary files a/platforms/linux-x64-gnu/libprotect_ffi.so and b/platforms/linux-x64-gnu/libprotect_ffi.so differ diff --git a/platforms/win32-x64-msvc/protect_ffi.dll b/platforms/win32-x64-msvc/protect_ffi.dll index 69da079..dc3a6ad 100644 Binary files a/platforms/win32-x64-msvc/protect_ffi.dll and b/platforms/win32-x64-msvc/protect_ffi.dll differ diff --git a/src/Client.php b/src/Client.php index 0e82313..f55765c 100644 --- a/src/Client.php +++ b/src/Client.php @@ -220,13 +220,13 @@ public function freeClient(\FFI\CData $client): void /** * Execute an FFI operation with error handling. * - * @param callable(\FFI\CData $errorPtr): ?\FFI\CData $ffiCall + * @param callable(\FFI\CData $errorPtr): ?\FFI\CData $operation * @param callable(string $message): FFIException $createException * @return \FFI\CData FFI pointer result * * @throws FFIException When client is not initialized or FFI operation fails */ - private function executeFFIOperation(callable $ffiCall, callable $createException): \FFI\CData + private function executeFFIOperation(callable $operation, callable $createException): \FFI\CData { if (! $this->isInitialized()) { throw FFIException::clientNotInitialized(); @@ -235,7 +235,7 @@ private function executeFFIOperation(callable $ffiCall, callable $createExceptio $errorPtr = $this->createStringPointer(); try { - $result = $ffiCall($errorPtr); + $result = $operation($errorPtr); if ($result === null) { $message = $this->convertStringPointer($errorPtr);