Fix remaining error lints and tweak rule

.github/workflows/lint.yml

@@ -92,6 +92,12 @@ jobs:
       - name: Cargo udeps
         run: cargo +"${{ steps.nightly-toolchain.outputs.RUST_NIGHTLY_TOOLCHAIN }}" udeps --workspace --all-features
 
+      - name: Install cargo-dylint
+        run: cargo install cargo-dylint dylint-link --version 4.1.0 --locked
+
+      - name: Cargo dylint
+        run: cargo dylint --all -- --all-features --all-targets
+
       - name: Set up Node
         uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
         with:

README.md

@@ -127,6 +127,7 @@ versions. Here are the cli tools we use:
 - Nightly [cargo fmt](https://github.com/rust-lang/rustfmt) and
   [cargo udeps](https://github.com/est31/cargo-udeps)
 - [rust clippy](https://github.com/rust-lang/rust-clippy)
+- [cargo dylint](https://github.com/trailofbits/dylint)
 - [cargo sort](https://github.com/DevinR528/cargo-sort)
 - [prettier](https://github.com/prettier/prettier)
 
@@ -140,6 +141,7 @@ export RUSTFLAGS="-D warnings"
 cargo +nightly fmt --check
 cargo +nightly udeps --workspace --all-features
 cargo clippy --all-features --all-targets
+cargo dylint --all -- --all-features --all-targets
 cargo sort --workspace --check
 npm run lint
 ```

crates/bitwarden-core/src/auth/access_token.rs

@@ -1,7 +1,7 @@
 use std::{fmt::Debug, str::FromStr};
 
 use bitwarden_crypto::{derive_shareable_key, SymmetricCryptoKey};
-use bitwarden_encoding::{NotB64Encoded, B64};
+use bitwarden_encoding::{NotB64EncodedError, B64};
 use thiserror::Error;
 use uuid::Uuid;
 use zeroize::Zeroizing;
@@ -19,7 +19,7 @@ pub enum AccessTokenInvalidError {
     InvalidUuid,
 
     #[error("Error decoding base64: {0}")]
-    InvalidBase64(#[from] NotB64Encoded),
+    InvalidBase64(#[from] NotB64EncodedError),
 
     #[error("Invalid base64 length: expected {expected}, got {got}")]
     InvalidBase64Length { expected: usize, got: usize },

crates/bitwarden-core/src/auth/jwt_token.rs

@@ -1,6 +1,6 @@
 use std::str::FromStr;
 
-use bitwarden_encoding::{B64Url, NotB64UrlEncoded};
+use bitwarden_encoding::{B64Url, NotB64UrlEncodedError};
 use thiserror::Error;
 
 /// A Bitwarden secrets manager JWT Token.
@@ -31,7 +31,7 @@ pub enum JwtTokenParseError {
     #[error("JWT token parse error: {0}")]
     Parse(#[from] serde_json::Error),
     #[error("JWT token decode error: {0}")]
-    Decode(#[from] NotB64UrlEncoded),
+    Decode(#[from] NotB64UrlEncodedError),
 
     #[error("JWT token has an invalid number of parts")]
     InvalidParts,

crates/bitwarden-crypto/src/enc_string/symmetric.rs

@@ -6,7 +6,7 @@ use serde::Deserialize;
 
 use super::{check_length, from_b64, from_b64_vec, split_enc_string};
 use crate::{
-    error::{CryptoError, EncStringParseError, Result, UnsupportedOperation},
+    error::{CryptoError, EncStringParseError, Result, UnsupportedOperationError},
     Aes256CbcHmacKey, ContentFormat, KeyDecryptable, KeyEncryptable, KeyEncryptableWithContentType,
     SymmetricCryptoKey, Utf8Bytes, XChaCha20Poly1305Key,
 };
@@ -294,7 +294,7 @@ impl KeyEncryptableWithContentType<SymmetricCryptoKey, EncString> for &[u8] {
                 EncString::encrypt_xchacha20_poly1305(self, inner_key, content_format)
             }
             SymmetricCryptoKey::Aes256CbcKey(_) => Err(CryptoError::OperationNotSupported(
-                UnsupportedOperation::EncryptionNotImplementedForKey,
+                UnsupportedOperationError::EncryptionNotImplementedForKey,
             )),
         }
     }

crates/bitwarden-crypto/src/error.rs

@@ -1,6 +1,6 @@
 use std::fmt::Debug;
 
-use bitwarden_encoding::NotB64Encoded;
+use bitwarden_encoding::NotB64EncodedError;
 use bitwarden_error::bitwarden_error;
 use thiserror::Error;
 use uuid::Uuid;
@@ -45,13 +45,13 @@ pub enum CryptoError {
     Fingerprint(#[from] FingerprintError),
 
     #[error("Argon2 error, {0}")]
-    ArgonError(#[from] argon2::Error),
+    Argon(#[from] argon2::Error),
 
     #[error("Number is zero")]
     ZeroNumber,
 
     #[error("Unsupported operation, {0}")]
-    OperationNotSupported(UnsupportedOperation),
+    OperationNotSupported(UnsupportedOperationError),
 
     #[error("Key algorithm does not match encrypted data type")]
     WrongKeyType,
@@ -73,7 +73,7 @@ pub enum CryptoError {
 }
 
 #[derive(Debug, Error)]
-pub enum UnsupportedOperation {
+pub enum UnsupportedOperationError {
     #[error("Encryption is not implemented for key")]
     EncryptionNotImplementedForKey,
 }
@@ -87,7 +87,7 @@ pub enum EncStringParseError {
     #[error("Invalid asymmetric type, got type {enc_type} with {parts} parts")]
     InvalidTypeAsymm { enc_type: String, parts: usize },
     #[error("Error decoding base64: {0}")]
-    InvalidBase64(#[from] NotB64Encoded),
+    InvalidBase64(#[from] NotB64EncodedError),
     #[error("Invalid length: expected {expected}, got {got}")]
     InvalidLength { expected: usize, got: usize },
     #[error("Invalid encoding {0}")]

crates/bitwarden-crypto/src/keys/master_key.rs

@@ -155,7 +155,7 @@ pub(super) fn decrypt_user_key(
         }
         EncString::Cose_Encrypt0_B64 { .. } => {
             return Err(CryptoError::OperationNotSupported(
-                crate::error::UnsupportedOperation::EncryptionNotImplementedForKey,
+                crate::error::UnsupportedOperationError::EncryptionNotImplementedForKey,
             ));
         }
     };

crates/bitwarden-crypto/src/rsa.rs

@@ -6,7 +6,7 @@ use rsa::{
 use sha1::Sha1;
 
 use crate::{
-    error::{Result, RsaError, UnsupportedOperation},
+    error::{Result, RsaError, UnsupportedOperationError},
     CryptoError, EncString, SymmetricCryptoKey,
 };
 
@@ -41,10 +41,10 @@ pub(crate) fn make_key_pair(key: &SymmetricCryptoKey) -> Result<RsaKeyPair> {
             EncString::encrypt_aes256_hmac(pkcs.as_bytes(), key)
         }
         SymmetricCryptoKey::XChaCha20Poly1305Key(_) => Err(CryptoError::OperationNotSupported(
-            UnsupportedOperation::EncryptionNotImplementedForKey,
+            UnsupportedOperationError::EncryptionNotImplementedForKey,
         )),
         SymmetricCryptoKey::Aes256CbcKey(_) => Err(CryptoError::OperationNotSupported(
-            UnsupportedOperation::EncryptionNotImplementedForKey,
+            UnsupportedOperationError::EncryptionNotImplementedForKey,
         )),
     }?;
 

crates/bitwarden-crypto/src/store/context.rs

@@ -8,7 +8,7 @@ use zeroize::Zeroizing;
 
 use super::KeyStoreInner;
 use crate::{
-    derive_shareable_key, error::UnsupportedOperation, signing, store::backend::StoreBackend,
+    derive_shareable_key, error::UnsupportedOperationError, signing, store::backend::StoreBackend,
     AsymmetricCryptoKey, BitwardenLegacyKeyBytes, ContentFormat, CryptoError, EncString, KeyId,
     KeyIds, PublicKeyEncryptionAlgorithm, Result, RotatedUserKeys, Signature, SignatureAlgorithm,
     SignedObject, SignedPublicKey, SignedPublicKeyMessage, SigningKey, SymmetricCryptoKey,
@@ -236,7 +236,7 @@ impl<Ids: KeyIds> KeyStoreContext<'_, Ids> {
                 )
             }
             _ => Err(CryptoError::OperationNotSupported(
-                UnsupportedOperation::EncryptionNotImplementedForKey,
+                UnsupportedOperationError::EncryptionNotImplementedForKey,
             )),
         }
     }
@@ -503,7 +503,7 @@ impl<Ids: KeyIds> KeyStoreContext<'_, Ids> {
         let key = self.get_symmetric_key(key)?;
         match key {
             SymmetricCryptoKey::Aes256CbcKey(_) => Err(CryptoError::OperationNotSupported(
-                UnsupportedOperation::EncryptionNotImplementedForKey,
+                UnsupportedOperationError::EncryptionNotImplementedForKey,
             )),
             SymmetricCryptoKey::Aes256CbcHmacKey(key) => EncString::encrypt_aes256_hmac(data, key),
             SymmetricCryptoKey::XChaCha20Poly1305Key(key) => {

crates/bitwarden-encoding/src/b64.rs

@@ -86,7 +86,7 @@ impl std::fmt::Display for B64 {
 /// An error returned when a string is not base64 decodable.
 #[derive(Debug, Error)]
 #[error("Data isn't base64 encoded")]
-pub struct NotB64Encoded;
+pub struct NotB64EncodedError;
 
 const BASE64_PERMISSIVE: data_encoding::Encoding = data_encoding_macro::new_encoding! {
     symbols: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",
@@ -96,27 +96,27 @@ const BASE64_PERMISSIVE: data_encoding::Encoding = data_encoding_macro::new_enco
 const BASE64_PADDING: &str = "=";
 
 impl TryFrom<String> for B64 {
-    type Error = NotB64Encoded;
+    type Error = NotB64EncodedError;
 
     fn try_from(value: String) -> Result<Self, Self::Error> {
         Self::try_from(value.as_str())
     }
 }
 
 impl TryFrom<&str> for B64 {
-    type Error = NotB64Encoded;
+    type Error = NotB64EncodedError;
 
     fn try_from(value: &str) -> Result<Self, Self::Error> {
         let sane_string = value.trim_end_matches(BASE64_PADDING);
         BASE64_PERMISSIVE
             .decode(sane_string.as_bytes())
             .map(Self)
-            .map_err(|_| NotB64Encoded)
+            .map_err(|_| NotB64EncodedError)
     }
 }
 
 impl FromStr for B64 {
-    type Err = NotB64Encoded;
+    type Err = NotB64EncodedError;
 
     fn from_str(s: &str) -> Result<Self, Self::Err> {
         Self::try_from(s)
@@ -224,7 +224,7 @@ mod tests {
 
     #[test]
     fn test_not_b64_encoded_error_display() {
-        let error = NotB64Encoded;
+        let error = NotB64EncodedError;
         assert_eq!(error.to_string(), "Data isn't base64 encoded");
     }
 

crates/bitwarden-encoding/src/b64url.rs

@@ -61,7 +61,7 @@ impl std::fmt::Display for B64Url {
 /// An error returned when a string is not base64 decodable.
 #[derive(Debug, Error)]
 #[error("Data isn't base64url encoded")]
-pub struct NotB64UrlEncoded;
+pub struct NotB64UrlEncodedError;
 
 const BASE64URL_PERMISSIVE: data_encoding::Encoding = data_encoding_macro::new_encoding! {
     symbols: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_",
@@ -71,27 +71,27 @@ const BASE64URL_PERMISSIVE: data_encoding::Encoding = data_encoding_macro::new_e
 const BASE64URL_PADDING: &str = "=";
 
 impl TryFrom<String> for B64Url {
-    type Error = NotB64UrlEncoded;
+    type Error = NotB64UrlEncodedError;
 
     fn try_from(value: String) -> Result<Self, Self::Error> {
         Self::try_from(value.as_str())
     }
 }
 
 impl TryFrom<&str> for B64Url {
-    type Error = NotB64UrlEncoded;
+    type Error = NotB64UrlEncodedError;
 
     fn try_from(value: &str) -> Result<Self, Self::Error> {
         let sane_string = value.trim_end_matches(BASE64URL_PADDING);
         BASE64URL_PERMISSIVE
             .decode(sane_string.as_bytes())
             .map(Self)
-            .map_err(|_| NotB64UrlEncoded)
+            .map_err(|_| NotB64UrlEncodedError)
     }
 }
 
 impl FromStr for B64Url {
-    type Err = NotB64UrlEncoded;
+    type Err = NotB64UrlEncodedError;
 
     fn from_str(s: &str) -> Result<Self, Self::Err> {
         Self::try_from(s)
@@ -198,7 +198,7 @@ mod tests {
 
     #[test]
     fn test_not_b64url_encoded_error_display() {
-        let error = NotB64UrlEncoded;
+        let error = NotB64UrlEncodedError;
         assert_eq!(error.to_string(), "Data isn't base64url encoded");
     }
 

crates/bitwarden-encoding/src/lib.rs

@@ -4,8 +4,8 @@ mod b64;
 mod b64url;
 mod serde;
 
-pub use b64::{NotB64Encoded, B64};
-pub use b64url::{B64Url, NotB64UrlEncoded};
+pub use b64::{NotB64EncodedError, B64};
+pub use b64url::{B64Url, NotB64UrlEncodedError};
 pub use serde::FromStrVisitor;
 
 #[cfg(feature = "uniffi")]

crates/bitwarden-exporters/src/cxf/login.rs

@@ -4,7 +4,7 @@
 //! [PasskeyCredential].
 
 use bitwarden_core::MissingFieldError;
-use bitwarden_fido::{string_to_guid_bytes, InvalidGuid};
+use bitwarden_fido::{string_to_guid_bytes, InvalidGuidError};
 use bitwarden_vault::{FieldType, Totp, TotpAlgorithm};
 use chrono::{DateTime, Utc};
 use credential_exchange_format::{
@@ -187,7 +187,7 @@ pub enum PasskeyError {
     #[error("Counter is not zero")]
     CounterNotZero,
     #[error(transparent)]
-    InvalidGuid(InvalidGuid),
+    InvalidGuid(InvalidGuidError),
     #[error(transparent)]
     MissingField(MissingFieldError),
     #[error("Data isn't base64url encoded")]

crates/bitwarden-fido/src/authenticator.rs

@@ -16,11 +16,11 @@ use thiserror::Error;
 
 use super::{
     try_from_credential_new_view, types::*, CheckUserOptions, CipherViewContainer,
-    Fido2CredentialStore, Fido2UserInterface, SelectedCredential, UnknownEnum, AAGUID,
+    Fido2CredentialStore, Fido2UserInterface, SelectedCredential, UnknownEnumError, AAGUID,
 };
 use crate::{
     fill_with_credential, string_to_guid_bytes, try_from_credential_full, Fido2CallbackError,
-    FillCredentialError, InvalidGuid,
+    FillCredentialError, InvalidGuidError,
 };
 
 #[derive(Debug, Error)]
@@ -40,7 +40,7 @@ pub enum MakeCredentialError {
     #[error(transparent)]
     PublicKeyCredentialParameters(#[from] PublicKeyCredentialParametersError),
     #[error(transparent)]
-    UnknownEnum(#[from] UnknownEnum),
+    UnknownEnum(#[from] UnknownEnumError),
     #[error(transparent)]
     Serde(#[from] serde_json::Error),
     #[error("Missing attested_credential_data")]
@@ -53,13 +53,13 @@ pub enum MakeCredentialError {
 #[derive(Debug, Error)]
 pub enum GetAssertionError {
     #[error(transparent)]
-    UnknownEnum(#[from] UnknownEnum),
+    UnknownEnum(#[from] UnknownEnumError),
     #[error(transparent)]
     Serde(#[from] serde_json::Error),
     #[error(transparent)]
     GetSelectedCredential(#[from] GetSelectedCredentialError),
     #[error(transparent)]
-    InvalidGuid(#[from] InvalidGuid),
+    InvalidGuid(#[from] InvalidGuidError),
     #[error("missing user")]
     MissingUser,
     #[error("get_assertion error: {0}")]
@@ -72,7 +72,7 @@ pub enum SilentlyDiscoverCredentialsError {
     #[error(transparent)]
     Cipher(#[from] CipherError),
     #[error(transparent)]
-    InvalidGuid(#[from] InvalidGuid),
+    InvalidGuid(#[from] InvalidGuidError),
     #[error(transparent)]
     Fido2Callback(#[from] Fido2CallbackError),
     #[error(transparent)]
@@ -85,7 +85,7 @@ pub enum CredentialsForAutofillError {
     #[error(transparent)]
     Cipher(#[from] CipherError),
     #[error(transparent)]
-    InvalidGuid(#[from] InvalidGuid),
+    InvalidGuid(#[from] InvalidGuidError),
     #[error(transparent)]
     Fido2Callback(#[from] Fido2CallbackError),
     #[error(transparent)]
@@ -511,7 +511,7 @@ impl passkey::authenticator::CredentialStore for CredentialStoreImpl<'_> {
             #[error("Client User Id has not been set")]
             MissingUserId,
             #[error(transparent)]
-            InvalidGuid(#[from] InvalidGuid),
+            InvalidGuid(#[from] InvalidGuidError),
             #[error("Credential ID does not match selected credential")]
             CredentialIdMismatch,
             #[error(transparent)]