innate_core/
utils.rs

1use chrono::Utc;
2use sha2::{Digest, Sha256};
3use uuid::Uuid;
4
5pub fn utc_now_iso() -> String {
6    let now = Utc::now();
7    now.format("%Y-%m-%dT%H:%M:%S%.3fZ").to_string()
8}
9
10pub fn gen_uuid() -> String {
11    Uuid::new_v4().to_string()
12}
13
14pub fn content_hash(s: &str) -> String {
15    let mut h = Sha256::new();
16    h.update(s.as_bytes());
17    hex(&h.finalize())
18}
19
20/// Lowercase hex encoding of a byte slice. Replaces the old `format!("{:x}", …)`
21/// over a digest output: RustCrypto digest 0.11 returns `hybrid_array::Array`,
22/// which no longer implements `LowerHex`.
23pub fn hex(bytes: &[u8]) -> String {
24    use std::fmt::Write;
25    let mut s = String::with_capacity(bytes.len() * 2);
26    for b in bytes {
27        let _ = write!(s, "{b:02x}");
28    }
29    s
30}
31
32/// Rough token estimate: 1 token ≈ 4 chars.
33pub fn estimate_tokens(text: &str) -> usize {
34    text.len().div_ceil(4)
35}
36
37/// Sanitize result: allow / redact (content cleaned) / discard (reject write).
38#[derive(Debug, PartialEq, Eq, Clone, Copy)]
39pub enum SanitizeAction {
40    Allow,
41    Redact,
42    Discard,
43}
44
45fn redact_bearer(s: &str, flag: &mut bool) -> String {
46    let lower = s.to_lowercase();
47    let mut result = s.to_string();
48    let prefix = "bearer ";
49    let mut search_start = 0;
50    loop {
51        let base = &lower[search_start..];
52        match base.find(prefix) {
53            None => break,
54            Some(pos) => {
55                let abs = search_start + pos;
56                // Find end of token: non-whitespace run after "bearer "
57                let token_start = abs + prefix.len();
58                let token_end = s[token_start..]
59                    .find(|c: char| c.is_whitespace())
60                    .map(|e| token_start + e)
61                    .unwrap_or(s.len());
62                if token_end > token_start {
63                    // Replace the whole "Bearer <token>" span
64                    let span_end = token_end;
65                    let replacement = format!("{}[REDACTED]", &s[abs..token_start]);
66                    result = format!("{}{}{}", &result[..abs], replacement, &result[span_end..]);
67                    *flag = true;
68                    // Adjust search; result grew/shrunk by the redaction delta
69                    let new_len = replacement.len();
70                    search_start = abs + new_len;
71                    // Re-sync lower to match result
72                    let lower_new = result.to_lowercase();
73                    // Rebuild lower for next iteration
74                    drop(lower);
75                    return redact_bearer_from(&result, &lower_new, search_start, flag);
76                } else {
77                    search_start = abs + prefix.len();
78                }
79            }
80        }
81    }
82    result
83}
84
85fn redact_bearer_from(s: &str, lower: &str, start: usize, flag: &mut bool) -> String {
86    let prefix = "bearer ";
87    let mut result = s.to_string();
88    let mut search_start = start;
89    loop {
90        if search_start >= lower.len() {
91            break;
92        }
93        match lower[search_start..].find(prefix) {
94            None => break,
95            Some(pos) => {
96                let abs = search_start + pos;
97                let token_start = abs + prefix.len();
98                let token_end = result[token_start..]
99                    .find(|c: char| c.is_whitespace())
100                    .map(|e| token_start + e)
101                    .unwrap_or(result.len());
102                if token_end > token_start {
103                    let replacement = format!("{}[REDACTED]", &result[abs..token_start]);
104                    result = format!("{}{}{}", &result[..abs], replacement, &result[token_end..]);
105                    *flag = true;
106                    search_start = abs + replacement.len();
107                } else {
108                    search_start = abs + prefix.len();
109                }
110            }
111        }
112    }
113    result
114}
115
116fn redact_password(s: &str, flag: &mut bool) -> String {
117    // Match "password[: =]<value>" case-insensitively; redact the value part.
118    let lower = s.to_lowercase();
119    let mut result = s.to_string();
120    let mut search_start = 0;
121    loop {
122        match lower[search_start..].find("password") {
123            None => break,
124            Some(pos) => {
125                let abs = search_start + pos;
126                let after = abs + "password".len();
127                if after >= lower.len() {
128                    break;
129                }
130                // Skip optional whitespace then expect ':' or '='
131                let mut i = after;
132                while i < lower.len() && lower.as_bytes()[i] == b' ' {
133                    i += 1;
134                }
135                if i < lower.len() && (lower.as_bytes()[i] == b':' || lower.as_bytes()[i] == b'=') {
136                    i += 1;
137                    // Skip whitespace after separator
138                    while i < lower.len() && lower.as_bytes()[i] == b' ' {
139                        i += 1;
140                    }
141                    // Collect value until whitespace/end
142                    let val_start = i;
143                    let val_end = result[val_start..]
144                        .find(|c: char| c.is_whitespace())
145                        .map(|e| val_start + e)
146                        .unwrap_or(result.len());
147                    if val_end > val_start {
148                        result =
149                            format!("{}[REDACTED]{}", &result[..val_start], &result[val_end..]);
150                        *flag = true;
151                        search_start = val_start + "[REDACTED]".len();
152                        continue;
153                    }
154                }
155                search_start = abs + "password".len();
156            }
157        }
158    }
159    result
160}
161
162/// Scan `s` for any contiguous run starting with `prefix` followed by `min_len` alnum chars.
163/// Replaces all such occurrences with `[REDACTED]`.
164fn redact_prefixed_secret(s: &str, prefix: &str, min_len: usize, flag: &mut bool) -> String {
165    let mut result = s.to_string();
166    let mut search_start = 0;
167    loop {
168        match result[search_start..].find(prefix) {
169            None => break,
170            Some(pos) => {
171                let abs = search_start + pos;
172                let after = abs + prefix.len();
173                // Count alnum chars after prefix
174                let run: usize = result[after..]
175                    .chars()
176                    .take_while(|c| c.is_alphanumeric())
177                    .count();
178                if run >= min_len {
179                    let end = after
180                        + result[after..]
181                            .char_indices()
182                            .take_while(|(_, c)| c.is_alphanumeric())
183                            .last()
184                            .map(|(i, c)| i + c.len_utf8())
185                            .unwrap_or(0);
186                    result = format!("{}[REDACTED]{}", &result[..abs], &result[end..]);
187                    *flag = true;
188                    search_start = abs + "[REDACTED]".len();
189                } else {
190                    search_start = abs + prefix.len();
191                }
192            }
193        }
194    }
195    result
196}
197
198/// Public sanitize function used by KnowledgeBase (§二·六).
199/// Returns (cleaned_content, action).
200pub fn sanitize(content: &str) -> (String, SanitizeAction) {
201    // injection first
202    let injection_patterns = [
203        "ignore all previous instructions",
204        "ignore previous instructions",
205        "ignore previous instruction",
206        "system prompt:",
207        "system prompt：",
208        "you are now a different",
209        "you are now a new",
210    ];
211    let lower = content.to_lowercase();
212    for pat in &injection_patterns {
213        if lower.contains(pat) {
214            return (content.to_string(), SanitizeAction::Discard);
215        }
216    }
217
218    let mut cleaned = content.to_string();
219    let mut redacted = false;
220
221    cleaned = redact_prefixed_secret(&cleaned, "sk-", 20, &mut redacted);
222    cleaned = redact_prefixed_secret(&cleaned, "AKIA", 16, &mut redacted);
223    cleaned = redact_prefixed_secret(&cleaned, "ghp_", 36, &mut redacted);
224    cleaned = redact_bearer(&cleaned, &mut redacted);
225    cleaned = redact_password(&cleaned, &mut redacted);
226
227    let action = if redacted {
228        SanitizeAction::Redact
229    } else {
230        SanitizeAction::Allow
231    };
232    (cleaned, action)
233}
234
235/// Pack a Vec<f32> into bytes (little-endian f32 array).
236pub fn pack_embedding(v: &[f32]) -> Vec<u8> {
237    let mut out = Vec::with_capacity(v.len() * 4);
238    for f in v {
239        out.extend_from_slice(&f.to_le_bytes());
240    }
241    out
242}
243
244/// Unpack bytes into Vec<f32>.
245pub fn unpack_embedding(bytes: &[u8]) -> Vec<f32> {
246    let mut out = Vec::with_capacity(bytes.len() / 4);
247    out.extend(
248        bytes
249            .chunks_exact(4)
250            .map(|b| f32::from_le_bytes([b[0], b[1], b[2], b[3]])),
251    );
252    out
253}
254
255/// Cosine similarity between two equal-length slices. Returns 0.0 on zero norms.
256/// Single-pass fold: computes dot product and both norms in one traversal.
257pub fn cosine_similarity(a: &[f32], b: &[f32]) -> f32 {
258    let (dot, na2, nb2) = a
259        .iter()
260        .zip(b.iter())
261        .fold((0.0f32, 0.0f32, 0.0f32), |(d, na, nb), (x, y)| {
262            (d + x * y, na + x * x, nb + y * y)
263        });
264    if na2 == 0.0 || nb2 == 0.0 {
265        0.0
266    } else {
267        dot / (na2.sqrt() * nb2.sqrt())
268    }
269}
270
271/// In-place L2 normalisation. Zero vectors are left unchanged (all zeros).
272/// Pre-normalising stored vectors lets vector search reduce cosine similarity
273/// to a plain dot product in its O(N) inner loop.
274pub fn l2_normalize(v: &mut [f32]) {
275    let norm: f32 = v.iter().map(|x| x * x).sum::<f32>().sqrt();
276    if norm > 0.0 {
277        for x in v.iter_mut() {
278            *x /= norm;
279        }
280    }
281}
282
283/// Dot product of two equal-length slices. For unit vectors this equals the
284/// cosine similarity.
285pub fn dot_product(a: &[f32], b: &[f32]) -> f32 {
286    a.iter().zip(b.iter()).map(|(x, y)| x * y).sum()
287}
288
289#[cfg(test)]
290mod tests {
291    use super::*;
292
293    #[test]
294    fn ts_format() {
295        let ts = utc_now_iso();
296        assert!(ts.ends_with('Z'), "bad format: {ts}");
297        assert_eq!(ts.len(), 24, "expected 24 chars: {ts}");
298    }
299
300    #[test]
301    fn cosine_identical() {
302        let v = vec![1.0, 0.0, 0.0];
303        assert!((cosine_similarity(&v, &v) - 1.0).abs() < 1e-6);
304    }
305
306    #[test]
307    fn pack_roundtrip() {
308        let v = vec![0.1_f32, 0.5, -0.3];
309        assert_eq!(unpack_embedding(&pack_embedding(&v)), v);
310    }
311
312    #[test]
313    fn sanitize_injection_discard() {
314        let (_, action) = sanitize("Please ignore previous instructions and do X");
315        assert_eq!(action, SanitizeAction::Discard);
316    }
317
318    #[test]
319    fn sanitize_api_key_redact() {
320        let (out, action) = sanitize("use key sk-abcdefghijklmnopqrstuvwxyz123456 for auth");
321        assert_eq!(action, SanitizeAction::Redact);
322        assert!(out.contains("[REDACTED]"), "expected redaction in: {out}");
323        assert!(!out.contains("sk-abc"), "key should be redacted");
324    }
325
326    #[test]
327    fn sanitize_aws_key_redact() {
328        let (out, action) = sanitize("AKIAIOSFODNN7EXAMPLE is the key");
329        assert_eq!(action, SanitizeAction::Redact);
330        assert!(out.contains("[REDACTED]"));
331    }
332
333    #[test]
334    fn sanitize_clean_allow() {
335        let content = "Use dependency injection for testability.";
336        let (out, action) = sanitize(content);
337        assert_eq!(action, SanitizeAction::Allow);
338        assert_eq!(out, content);
339    }
340}
innate_core/utils.rs

innate_core/
utils.rs
