Merge pull request #233 from cipherstash/chore/proxy-eql-v2-integration-clippy

tobyhede · web-flow · commit ff2beb774186 · 2025-05-21T15:41:47.000+10:00
fixes for rust 1.87 clippy lints
diff --git a/docs/errors.md b/docs/errors.md
@@ -318,7 +318,7 @@ For example:
 
 ## Unknown Column <a id='encrypt-unknown-column'></a>
 
-The column has an encrypted type (PostgreSQL `eql_v1_encrypted` type ) with no encryption configuration.
+The column has an encrypted type (PostgreSQL `eql_v2_encrypted` type ) with no encryption configuration.
 
 Without the configuration, Cipherstash Proxy does not know how to encrypt the column.
 Any data is unprotected and unencrypted.
@@ -345,7 +345,7 @@ Column 'column_name' in table 'table_name' has no Encrypt configuration
 
 ## Unknown Table <a id='encrypt-unknown-table'></a>
 
-The table has one or more encrypted columns (PostgreSQL `eql_v1_encrypted` type ) with no encryption configuration.
+The table has one or more encrypted columns (PostgreSQL `eql_v2_encrypted` type ) with no encryption configuration.
 
 Without the configuration, Cipherstash Proxy does not know how to encrypt the column.
 Any data is unprotected and unencrypted.
diff --git a/docs/getting-started/schema-example.sql b/docs/getting-started/schema-example.sql
@@ -1,12 +1,12 @@
-TRUNCATE TABLE public.eql_v1_configuration;
+TRUNCATE TABLE public.eql_v2_configuration;
 
 -- Exciting cipherstash table
 DROP TABLE IF EXISTS users;
 CREATE TABLE users (
     id SERIAL PRIMARY KEY,
-    encrypted_email eql_v1_encrypted,
-    encrypted_dob eql_v1_encrypted,
-    encrypted_salary eql_v1_encrypted
+    encrypted_email eql_v2_encrypted,
+    encrypted_dob eql_v2_encrypted,
+    encrypted_salary eql_v2_encrypted
 );
 
 SELECT cs_add_index_v1(
diff --git a/docs/how-to.md b/docs/how-to.md
@@ -153,7 +153,7 @@ You can also install EQL by running [the installation script](https://github.com
 Once you have installed EQL, you can see what version is installed by querying the database:
 
 ```sql
-SELECT eql_v1.version();
+SELECT eql_v2.version();
 ```
 
 This will output the version of EQL installed.
@@ -162,22 +162,22 @@ This will output the version of EQL installed.
 
 In your existing PostgreSQL database, you store your data in tables and columns.
 Those columns have types like `integer`, `text`, `timestamp`, and `boolean`.
-When storing encrypted data in PostgreSQL with Proxy, you use a special column type called `eql_v1_encrypted`, which is [provided by EQL](#setting-up-the-database-schema).
-`eql_v1_encrypted` is a container column type that can be used for any type of encrypted data you want to store or search, whether they are numbers (`int`, `small_int`, `big_int`), text (`text`), dates and times (`date`. `timestamp`), or booleans (`boolean`).
+When storing encrypted data in PostgreSQL with Proxy, you use a special column type called `eql_v2_encrypted`, which is [provided by EQL](#setting-up-the-database-schema).
+`eql_v2_encrypted` is a container column type that can be used for any type of encrypted data you want to store or search, whether they are numbers (`int`, `small_int`, `big_int`), text (`text`), dates and times (`date`. `timestamp`), or booleans (`boolean`).
 
 Create a table with an encrypted column for `email`:
 
 ```sql
 CREATE TABLE users (
     id SERIAL PRIMARY KEY,
-    email eql_v1_encrypted
+    email eql_v2_encrypted
 )
 ```
 
 This creates a `users` table with two columns:
 
  - `id`, an autoincrementing integer column that is the primary key for the record
- - `email`, a `eql_v1_encrypted` column
+ - `email`, a `eql_v2_encrypted` column
 
 There are important differences between the plaintext columns you've traditionally used in PostgreSQL and encrypted columns with CipherStash Proxy:
 
diff --git a/packages/cipherstash-proxy/src/connect/async_stream.rs b/packages/cipherstash-proxy/src/connect/async_stream.rs
@@ -23,7 +23,7 @@ use x509_parser::prelude::{FromDer, X509Certificate};
 #[derive(Debug)]
 pub enum AsyncStream {
     Tcp(TcpStream),
-    Tls(TlsStream<TcpStream>),
+    Tls(Box<TlsStream<TcpStream>>),
 }
 
 impl AsyncStream {
diff --git a/packages/cipherstash-proxy/src/encrypt/config/manager.rs b/packages/cipherstash-proxy/src/encrypt/config/manager.rs
@@ -197,5 +197,5 @@ pub async fn load_encrypt_config(config: &DatabaseConfig) -> Result<EncryptConfi
 }
 fn configuration_table_not_found(e: &tokio_postgres::Error) -> bool {
     let msg = e.to_string();
-    msg.contains("eql_v1_configuration") && msg.contains("does not exist")
+    msg.contains("eql_v2_configuration") && msg.contains("does not exist")
 }
diff --git a/packages/cipherstash-proxy/src/encrypt/mod.rs b/packages/cipherstash-proxy/src/encrypt/mod.rs
@@ -58,7 +58,7 @@ impl Encrypt {
         let eql_version = {
             let client = connect::database(&config.database).await?;
             let rows = client
-                .query("SELECT eql_v1.version() AS version;", &[])
+                .query("SELECT eql_v2.version() AS version;", &[])
                 .await;
 
             match rows {
diff --git a/packages/cipherstash-proxy/src/encrypt/schema/manager.rs b/packages/cipherstash-proxy/src/encrypt/schema/manager.rs
@@ -142,8 +142,8 @@ pub async fn load_schema(config: &DatabaseConfig) -> Result<Schema, Error> {
             let ident = Ident::with_quote('"', col);
 
             let column = match column_type_name.as_deref() {
-                Some("eql_v1_encrypted") => {
-                    debug!(target: SCHEMA, msg = "eql_v1_encrypted column", table = table_name, column = col);
+                Some("eql_v2_encrypted") => {
+                    debug!(target: SCHEMA, msg = "eql_v2_encrypted column", table = table_name, column = col);
                     Column::eql(ident)
                 }
                 _ => Column::native(ident),
diff --git a/packages/cipherstash-proxy/src/encrypt/sql/select_config.sql b/packages/cipherstash-proxy/src/encrypt/sql/select_config.sql
@@ -1 +1 @@
-SELECT data FROM public.eql_v1_configuration WHERE state = 'active' LIMIT 1;
+SELECT data FROM public.eql_v2_configuration WHERE state = 'active' LIMIT 1;
diff --git a/packages/cipherstash-proxy/src/postgresql/handler.rs b/packages/cipherstash-proxy/src/postgresql/handler.rs
@@ -84,7 +84,7 @@ pub async fn handler(
                         AsyncStream::Tcp(stream) => {
                             // The Client is connecting to our Server
                             let tls_stream = tls::server(stream, tls).await?;
-                            client_stream = AsyncStream::Tls(tls_stream);
+                            client_stream = AsyncStream::Tls(Box::new(tls_stream));
                         }
                         AsyncStream::Tls(_) => {
                             unreachable!();
diff --git a/packages/cipherstash-proxy/src/postgresql/messages/authentication/auth.rs b/packages/cipherstash-proxy/src/postgresql/messages/authentication/auth.rs
@@ -56,9 +56,9 @@ impl Authentication {
 
     pub fn is_scram_sha_256_plus(&self) -> bool {
         match self.method {
-            AuthenticationMethod::Sasl { ref mechanisms } => mechanisms
-                .iter()
-                .any(|m| *m == SaslMechanism::ScramSha256Plus),
+            AuthenticationMethod::Sasl { ref mechanisms } => {
+                mechanisms.contains(&SaslMechanism::ScramSha256Plus)
+            }
             _ => false,
         }
     }
diff --git a/packages/cipherstash-proxy/src/postgresql/messages/parse.rs b/packages/cipherstash-proxy/src/postgresql/messages/parse.rs
@@ -24,11 +24,11 @@ impl Parse {
     }
 
     ///
-    /// Encrypted columns are the eql_v1_encrypted Domain Type
-    /// eql_v1_encrypted wraps JSONB
+    /// Encrypted columns are the eql_v2_encrypted Domain Type
+    /// eql_v2_encrypted wraps JSONB
     ///
-    /// Using JSONB to avoid the complexity of loading the OID of eql_v1_encrypted
-    /// PostgreSQL will coerce JSONB to eql_v1_encrypted if it passes the constaint check
+    /// Using JSONB to avoid the complexity of loading the OID of eql_v2_encrypted
+    /// PostgreSQL will coerce JSONB to eql_v2_encrypted if it passes the constaint check
     ///
     pub fn rewrite_param_types(&mut self, columns: &[Option<Column>]) {
         for (idx, col) in columns.iter().enumerate() {
diff --git a/packages/cipherstash-proxy/src/postgresql/startup.rs b/packages/cipherstash-proxy/src/postgresql/startup.rs
@@ -30,7 +30,7 @@ pub async fn with_tls(stream: AsyncStream, config: &TandemConfig) -> Result<Asyn
             match server_supports_ssl {
                 true => {
                     let tls_stream = tls::client(tcp_stream, config).await?;
-                    Ok(AsyncStream::Tls(tls_stream))
+                    Ok(AsyncStream::Tls(Box::new(tls_stream)))
                 }
                 false => {
                     warn!(msg = "Connecting to database without Transport Layer Security (TLS)");
diff --git a/packages/eql-mapper/src/inference/mod.rs b/packages/eql-mapper/src/inference/mod.rs
@@ -127,11 +127,11 @@ impl<'ast> TypeInferencer<'ast> {
         match self.unify(self.get_node_type(lhs), self.get_node_type(rhs)) {
             Ok(unified) => Ok(unified),
             Err(err) => Err(TypeError::OnNodes(
-                Box::new(err),
                 format!("{:?}", lhs),
                 self.get_node_type(lhs),
                 format!("{:?}", rhs),
                 self.get_node_type(rhs),
+                err.to_string(),
             )),
         }
     }
diff --git a/packages/eql-mapper/src/inference/sql_functions.rs b/packages/eql-mapper/src/inference/sql_functions.rs
@@ -236,14 +236,14 @@ static SQL_FUNCTIONS: LazyLock<HashMap<CompoundIdent, Vec<SqlFunction>>> = LazyL
         sql_fn!(jsonb_array_elements_text(T) -> T, rewrite),
         // These are typings for when customer SQL already contains references to EQL functions.
         // They must be type checked but not rewritten.
-        sql_fn!(eql_v1.min(T) -> T),
-        sql_fn!(eql_v1.max(T) -> T),
-        sql_fn!(eql_v1.jsonb_path_query(T, T) -> T),
-        sql_fn!(eql_v1.jsonb_path_query_first(T, T) -> T),
-        sql_fn!(eql_v1.jsonb_path_exists(T, T) -> T),
-        sql_fn!(eql_v1.jsonb_array_length(T) -> T),
-        sql_fn!(eql_v1.jsonb_array_elements(T) -> T),
-        sql_fn!(eql_v1.jsonb_array_elements_text(T) -> T),
+        sql_fn!(eql_v2.min(T) -> T),
+        sql_fn!(eql_v2.max(T) -> T),
+        sql_fn!(eql_v2.jsonb_path_query(T, T) -> T),
+        sql_fn!(eql_v2.jsonb_path_query_first(T, T) -> T),
+        sql_fn!(eql_v2.jsonb_path_exists(T, T) -> T),
+        sql_fn!(eql_v2.jsonb_array_length(T) -> T),
+        sql_fn!(eql_v2.jsonb_array_elements(T) -> T),
+        sql_fn!(eql_v2.jsonb_array_elements_text(T) -> T),
     ];
 
     let mut sql_fns_by_name: HashMap<CompoundIdent, Vec<SqlFunction>> = HashMap::new();
diff --git a/packages/eql-mapper/src/inference/type_error.rs b/packages/eql-mapper/src/inference/type_error.rs
@@ -1,4 +1,4 @@
-use std::{collections::HashSet, sync::Arc};
+use std::sync::Arc;
 
 use crate::{unifier::Type, SchemaError, ScopeError};
 
@@ -19,9 +19,6 @@ pub enum TypeError {
     #[error("{}", _0)]
     Expected(String),
 
-    #[error("One or more params failed to unify: {}", _0.iter().cloned().collect::<Vec<String>>().join(", "))]
-    Params(HashSet<String>),
-
     #[error("Expected param count to be {}, but got {}", _0, _1)]
     ParamCount(usize, usize),
 
@@ -34,14 +31,13 @@ pub enum TypeError {
     #[error("{}", _0)]
     SchemaError(#[from] SchemaError),
 
-    #[error("Cannot unify node types for nodes:\n 1. node: {} type: {}\n 2. node: {} type: {}\n error: {}", _1, _2, _3, _4, _0)]
-    OnNodes(Box<TypeError>, String, Arc<Type>, String, Arc<Type>),
-
     #[error(
-        "Cannot unify node with type:\n node: {}\n type: {} error: {}",
+        "Cannot unify node types for nodes:\n 1. node: {} type: {}\n 2. node: {} type: {}\n error: {}",
+        _0,
         _1,
         _2,
-        _0
+        _3,
+        _4
     )]
-    OnNode(Box<TypeError>, Type, String),
+    OnNodes(String, Arc<Type>, String, Arc<Type>, String),
 }
diff --git a/packages/eql-mapper/src/inference/unifier/mod.rs b/packages/eql-mapper/src/inference/unifier/mod.rs
@@ -447,7 +447,7 @@ pub(crate) mod test_util {
                 }
             }
 
-            root_node.accept(&mut FindNodeFromKeyVisitor(self));
+            let _ = root_node.accept(&mut FindNodeFromKeyVisitor(self));
         }
     }
 }
diff --git a/packages/eql-mapper/src/lib.rs b/packages/eql-mapper/src/lib.rs
@@ -1026,7 +1026,7 @@ mod test {
         )])) {
             Ok(transformed_statement) => assert_eq!(
                 transformed_statement.to_string(),
-                "SELECT * FROM employees WHERE salary > 'ENCRYPTED'::JSONB::eql_v1_encrypted"
+                "SELECT * FROM employees WHERE salary > 'ENCRYPTED'::JSONB::eql_v2_encrypted"
             ),
             Err(err) => panic!("statement transformation failed: {}", err),
         };
@@ -1073,7 +1073,7 @@ mod test {
         )])) {
             Ok(transformed_statement) => assert_eq!(
                 transformed_statement.to_string(),
-                "INSERT INTO employees (salary) VALUES ('ENCRYPTED'::JSONB::eql_v1_encrypted)"
+                "INSERT INTO employees (salary) VALUES ('ENCRYPTED'::JSONB::eql_v2_encrypted)"
             ),
             Err(err) => panic!("statement transformation failed: {}", err),
         };
@@ -1352,7 +1352,7 @@ mod test {
                 match typed.transform(HashMap::new()) {
                     Ok(statement) => assert_eq!(
                         statement.to_string(),
-                        "SELECT eql_v1.cs_grouped_value(email) AS email FROM users GROUP BY eql_v1.ore_64_8_v1(email)".to_string()
+                        "SELECT eql_v2.grouped_value(email) AS email FROM users GROUP BY eql_v2.ore_64_8_v2(email)".to_string()
                     ),
                     Err(err) => panic!("transformation failed: {err}"),
                 }
@@ -1382,7 +1382,7 @@ mod test {
                 match typed.transform(HashMap::new()) {
                     Ok(statement) => assert_eq!(
                         statement.to_string(),
-                        "SELECT eql_v1.min(salary), eql_v1.max(salary), department FROM employees GROUP BY department".to_string()
+                        "SELECT eql_v2.min(salary), eql_v2.max(salary), department FROM employees GROUP BY department".to_string()
                     ),
                     Err(err) => panic!("transformation failed: {err}"),
                 }
@@ -1415,7 +1415,7 @@ mod test {
                 Ok(statement) => {
                     assert_eq!(
                             statement.to_string(),
-                            "SELECT * FROM employees WHERE eql_col = $1::JSONB::eql_v1_encrypted AND native_col = $2"
+                            "SELECT * FROM employees WHERE eql_col = $1::JSONB::eql_v2_encrypted AND native_col = $2"
                         );
                 }
                 Err(err) => panic!("transformation failed: {err}"),
@@ -1450,7 +1450,7 @@ mod test {
                     Ok(statement) => {
                         assert_eq!(
                             statement.to_string(),
-                            "SELECT eql_v1.jsonb_path_query(eql_col, '<encrypted-selector($.secret)>'::JSONB::eql_v1_encrypted), jsonb_path_query(native_col, '$.not-secret') FROM employees"
+                            "SELECT eql_v2.jsonb_path_query(eql_col, '<encrypted-selector($.secret)>'::JSONB::eql_v2_encrypted), jsonb_path_query(native_col, '$.not-secret') FROM employees"
                         );
                     }
                     Err(err) => panic!("transformation failed: {err}"),
@@ -1567,7 +1567,7 @@ mod test {
             .map(|expr| match expr {
                 ast::Expr::Identifier(ident) => ident.to_string(),
                 ast::Expr::Value(ast::Value::SingleQuotedString(s)) => {
-                    format!("'<encrypted-selector({})>'::JSONB::eql_v1_encrypted", s)
+                    format!("'<encrypted-selector({})>'::JSONB::eql_v2_encrypted", s)
                 }
                 _ => panic!("unsupported expr type in test util"),
             })
@@ -1588,7 +1588,7 @@ mod test {
         match type_check(schema, &statement) {
             Ok(typed) => match typed.transform(encrypted_literals) {
                 Ok(statement) => {
-                    let rewritten_fn_name = format!("eql_v1.{fn_name}");
+                    let rewritten_fn_name = format!("eql_v2.{fn_name}");
                     assert_eq!(
                         statement.to_string(),
                         format!(
@@ -1623,7 +1623,7 @@ mod test {
                 match typed.transform(test_helpers::dummy_encrypted_json_selector(&statement, ast::Value::SingleQuotedString("medications".to_owned()))) {
                     Ok(statement) => assert_eq!(
                         statement.to_string(),
-                        format!("SELECT id, notes {} '<encrypted-selector(medications)>'::JSONB::eql_v1_encrypted AS meds FROM patients", op)
+                        format!("SELECT id, notes {} '<encrypted-selector(medications)>'::JSONB::eql_v2_encrypted AS meds FROM patients", op)
                     ),
                     Err(err) => panic!("transformation failed: {err}"),
                 }
diff --git a/packages/eql-mapper/src/model/schema_delta.rs b/packages/eql-mapper/src/model/schema_delta.rs
@@ -196,7 +196,7 @@ pub fn collect_ddl(table_resolver: Arc<TableResolver>, statement: &Statement) ->
             schema: schema_with_edits,
             changed: false,
         };
-        statement.accept(&mut visitor);
+        let _ = statement.accept(&mut visitor);
         return visitor.changed;
     }
 
diff --git a/packages/eql-mapper/src/test_helpers.rs b/packages/eql-mapper/src/test_helpers.rs
@@ -89,7 +89,7 @@ pub(crate) fn find_nodekey_for_value_node(
         found: None,
     };
 
-    statement.accept(&mut visitor);
+    let _ = statement.accept(&mut visitor);
 
     visitor.found
 }
diff --git a/packages/eql-mapper/src/transformation_rules/group_by_eql_col.rs b/packages/eql-mapper/src/transformation_rules/group_by_eql_col.rs
@@ -40,7 +40,7 @@ impl<'ast> TransformationRule<'ast> for GroupByEqlCol<'ast> {
 
             *target_node = helpers::wrap_in_1_arg_function(
                 transformed_expr,
-                ObjectName(vec![Ident::new("eql_v1"), Ident::new("ore_64_8_v1")]),
+                ObjectName(vec![Ident::new("eql_v2"), Ident::new("ore_64_8_v2")]),
             );
 
             return Ok(true);
diff --git a/packages/eql-mapper/src/transformation_rules/helpers.rs b/packages/eql-mapper/src/transformation_rules/helpers.rs
@@ -23,7 +23,7 @@ pub(crate) fn is_used_in_group_by_clause<'ast, N: AsNodeKey>(
                     ty: needle,
                     found: false,
                 };
-                exprs.accept(&mut visitor);
+                let _ = exprs.accept(&mut visitor);
                 visitor.found
             }
         },
@@ -56,7 +56,7 @@ pub(crate) fn cast_as_encrypted(wrapped: sqltk::parser::ast::Value) -> Expr {
         format: None,
     };
 
-    let encrypted_type = ObjectName(vec![Ident::new("eql_v1_encrypted")]);
+    let encrypted_type = ObjectName(vec![Ident::new("eql_v2_encrypted")]);
 
     Expr::Cast {
         kind: CastKind::DoubleColon,
diff --git a/packages/eql-mapper/src/transformation_rules/preserve_effective_aliases.rs b/packages/eql-mapper/src/transformation_rules/preserve_effective_aliases.rs
diff --git a/packages/eql-mapper/src/transformation_rules/rewrite_standard_sql_fns_on_eql_types.rs b/packages/eql-mapper/src/transformation_rules/rewrite_standard_sql_fns_on_eql_types.rs
diff --git a/packages/eql-mapper/src/transformation_rules/wrap_eql_cols_in_order_by_with_ore_fn.rs b/packages/eql-mapper/src/transformation_rules/wrap_eql_cols_in_order_by_with_ore_fn.rs
diff --git a/packages/eql-mapper/src/transformation_rules/wrap_grouped_eql_col_in_aggregate_fn.rs b/packages/eql-mapper/src/transformation_rules/wrap_grouped_eql_col_in_aggregate_fn.rs
diff --git a/tests/benchmark/sql/benchmark-schema.sql b/tests/benchmark/sql/benchmark-schema.sql
diff --git a/tests/sql/schema-uninstall.sql b/tests/sql/schema-uninstall.sql
diff --git a/tests/sql/schema.sql b/tests/sql/schema.sql
diff --git a/tests/tasks/test/integration/psql-passthrough.sh b/tests/tasks/test/integration/psql-passthrough.sh

Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,7 @@ use x509_parser::prelude::{FromDer, X509Certificate};`
`23`	`23`	`#[derive(Debug)]`
`24`	`24`	`pub enum AsyncStream {`
`25`	`25`	`Tcp(TcpStream),`
`26`		`- Tls(TlsStream<TcpStream>),`
	`26`	`+ Tls(Box<TlsStream<TcpStream>>),`
`27`	`27`	`}`
`28`	`28`
`29`	`29`	`impl AsyncStream {`
Original file line number	Diff line number	Diff line change
`@@ -197,5 +197,5 @@ pub async fn load_encrypt_config(config: &DatabaseConfig) -> Result<EncryptConfi`
`197`	`197`	`}`
`198`	`198`	`fn configuration_table_not_found(e: &tokio_postgres::Error) -> bool {`
`199`	`199`	`let msg = e.to_string();`
`200`		`- msg.contains("eql_v1_configuration") && msg.contains("does not exist")`
	`200`	`+ msg.contains("eql_v2_configuration") && msg.contains("does not exist")`
`201`	`201`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-SELECT data FROM public.eql_v1_configuration WHERE state = 'active' LIMIT 1;`
	`1`	`+SELECT data FROM public.eql_v2_configuration WHERE state = 'active' LIMIT 1;`
Original file line number	Diff line number	Diff line change
`@@ -84,7 +84,7 @@ pub async fn handler(`
`84`	`84`	`AsyncStream::Tcp(stream) => {`
`85`	`85`	`// The Client is connecting to our Server`
`86`	`86`	`let tls_stream = tls::server(stream, tls).await?;`
`87`		`- client_stream = AsyncStream::Tls(tls_stream);`
	`87`	`+ client_stream = AsyncStream::Tls(Box::new(tls_stream));`
`88`	`88`	`}`
`89`	`89`	`AsyncStream::Tls(_) => {`
`90`	`90`	`unreachable!();`
Original file line number	Diff line number	Diff line change
`@@ -56,9 +56,9 @@ impl Authentication {`
`56`	`56`
`57`	`57`	`pub fn is_scram_sha_256_plus(&self) -> bool {`
`58`	`58`	`match self.method {`
`59`		`- AuthenticationMethod::Sasl { ref mechanisms } => mechanisms`
`60`		`- .iter()`
`61`		`- .any(\|m\| *m == SaslMechanism::ScramSha256Plus),`
	`59`	`+ AuthenticationMethod::Sasl { ref mechanisms } => {`
	`60`	`+ mechanisms.contains(&SaslMechanism::ScramSha256Plus)`
	`61`	`+ }`
`62`	`62`	`_ => false,`
`63`	`63`	`}`
`64`	`64`	`}`