Skip to content

Commit 35d1fff

Browse files
sosthene-nitrokeysosthene-nitrokey
committed
Update to heapless 0.9
1 parent 43ed1ef commit 35d1fff

File tree

19 files changed

+82
-75
lines changed

19 files changed

+82
-75
lines changed

Cargo.toml

Lines changed: 9 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,8 @@ homepage = "https://trussed.dev"
88
license = "Apache-2.0 OR MIT"
99

1010
[workspace.dependencies]
11-
heapless = "0.7"
12-
heapless-bytes = "0.3"
11+
heapless = "0.9"
12+
heapless-bytes = { version = "0.5", features = ["heapless-0.9"]}
1313
littlefs2-core = { version = "0.1", features = ["serde"] }
1414
postcard = "0.7.0"
1515
rand_core = "0.6"
@@ -35,7 +35,7 @@ bitflags = { version = "2.1" }
3535
# const-oid = "0.4.5"
3636
cfg-if = "1.0"
3737
embedded-hal = { version = "0.2.3", features = ["unproven"] }
38-
flexiber = { version = "0.1.0", features = ["derive", "heapless"] }
38+
flexiber = { version = "0.2.0", features = ["derive", "heapless"] }
3939
generic-array = "0.14.4"
4040
heapless = { workspace = true, features = ["serde"] }
4141
hex-literal = "0.4.1"
@@ -51,20 +51,20 @@ aes = { version = "0.8", default-features = false }
5151
cbc = "0.1.2"
5252
blake2 = { version = "0.10", default-features = false, optional = true }
5353
chacha20 = { version = "0.9", default-features = false }
54-
chacha20poly1305 = { version = "0.10", default-features = false, features = ["heapless", "reduced-round"] }
54+
chacha20poly1305 = { version = "0.10", default-features = false, features = ["reduced-round"] }
5555
des = { version = "0.8", optional = true }
5656
hmac = "0.12"
5757
sha-1 = { version = "0.10", default-features = false, optional = true }
5858
sha2 = { version = "0.10", default-features = false }
5959

6060
# ours
61-
cosey = "0.3"
61+
cosey = "0.4"
6262
delog = "0.1.0"
63-
cbor-smol = { version = "0.5", features = ["heapless-bytes-v0-3"] }
63+
cbor-smol = { version = "0.5", features = ["heapless-bytes-v0-5"] }
6464
heapless-bytes.workspace = true
6565
interchange = "0.3.0"
66-
littlefs2 = "0.5.0"
67-
littlefs2-core = { workspace = true, features = ["heapless-bytes03"] }
66+
littlefs2 = "0.7.0"
67+
littlefs2-core = { workspace = true, features = ["heapless-bytes05"] }
6868
p256-cortex-m4 = { version = "0.1.0-alpha.6", features = ["prehash", "sec1-signatures"] }
6969
salty = { version = "0.3.0", features = ["cose"] }
7070
p384 = { version = "0.13.0", optional = true, default-features = false, features = ["sha384", "ecdh", "ecdsa"] }
@@ -91,6 +91,7 @@ virt = ["std"]
9191

9292
log-all = []
9393
log-none = []
94+
log-trace = []
9495
log-info = []
9596
log-debug = []
9697
log-warn = []

core/src/client.rs

Lines changed: 16 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -87,7 +87,7 @@ pub trait CertificateClient: PollClient {
8787
location: Location,
8888
der: &[u8],
8989
) -> ClientResult<'_, reply::WriteCertificate, Self> {
90-
let der = Message::from_slice(der).map_err(|_| ClientError::DataTooLarge)?;
90+
let der = Message::try_from(der).map_err(|_| ClientError::DataTooLarge)?;
9191
self.request(request::WriteCertificate { location, der })
9292
}
9393
}
@@ -134,11 +134,11 @@ pub trait CryptoClient: PollClient {
134134
nonce: &[u8],
135135
tag: &[u8],
136136
) -> ClientResult<'c, reply::Decrypt, Self> {
137-
let message = Message::from_slice(message).map_err(|_| ClientError::DataTooLarge)?;
137+
let message = Message::try_from(message).map_err(|_| ClientError::DataTooLarge)?;
138138
let associated_data =
139-
Message::from_slice(associated_data).map_err(|_| ClientError::DataTooLarge)?;
140-
let nonce = ShortData::from_slice(nonce).map_err(|_| ClientError::DataTooLarge)?;
141-
let tag = ShortData::from_slice(tag).map_err(|_| ClientError::DataTooLarge)?;
139+
Message::try_from(associated_data).map_err(|_| ClientError::DataTooLarge)?;
140+
let nonce = ShortData::try_from(nonce).map_err(|_| ClientError::DataTooLarge)?;
141+
let tag = ShortData::try_from(tag).map_err(|_| ClientError::DataTooLarge)?;
142142
self.request(request::Decrypt {
143143
mechanism,
144144
key,
@@ -196,7 +196,7 @@ pub trait CryptoClient: PollClient {
196196
attributes: StorageAttributes,
197197
) -> ClientResult<'c, reply::DeserializeKey, Self> {
198198
let serialized_key =
199-
SerializedKey::from_slice(serialized_key).map_err(|_| ClientError::DataTooLarge)?;
199+
SerializedKey::try_from(serialized_key).map_err(|_| ClientError::DataTooLarge)?;
200200
self.request(request::DeserializeKey {
201201
mechanism,
202202
serialized_key,
@@ -213,9 +213,9 @@ pub trait CryptoClient: PollClient {
213213
associated_data: &[u8],
214214
nonce: Option<ShortData>,
215215
) -> ClientResult<'c, reply::Encrypt, Self> {
216-
let message = Message::from_slice(message).map_err(|_| ClientError::DataTooLarge)?;
216+
let message = Message::try_from(message).map_err(|_| ClientError::DataTooLarge)?;
217217
let associated_data =
218-
ShortData::from_slice(associated_data).map_err(|_| ClientError::DataTooLarge)?;
218+
ShortData::try_from(associated_data).map_err(|_| ClientError::DataTooLarge)?;
219219
self.request(request::Encrypt {
220220
mechanism,
221221
key,
@@ -290,7 +290,7 @@ pub trait CryptoClient: PollClient {
290290
self.request(request::Sign {
291291
key,
292292
mechanism,
293-
message: Bytes::from_slice(data).map_err(|_| ClientError::DataTooLarge)?,
293+
message: Bytes::try_from(data).map_err(|_| ClientError::DataTooLarge)?,
294294
format,
295295
})
296296
}
@@ -306,8 +306,8 @@ pub trait CryptoClient: PollClient {
306306
self.request(request::Verify {
307307
mechanism,
308308
key,
309-
message: Message::from_slice(message).expect("all good"),
310-
signature: Signature::from_slice(signature).expect("all good"),
309+
message: Message::try_from(message).expect("all good"),
310+
signature: Signature::try_from(signature).expect("all good"),
311311
format,
312312
})
313313
}
@@ -321,7 +321,7 @@ pub trait CryptoClient: PollClient {
321321
) -> ClientResult<'_, reply::UnsafeInjectKey, Self> {
322322
self.request(request::UnsafeInjectKey {
323323
mechanism,
324-
raw_key: SerializedKey::from_slice(raw_key).unwrap(),
324+
raw_key: SerializedKey::try_from(raw_key).unwrap(),
325325
attributes: StorageAttributes::new().set_persistence(persistence),
326326
format,
327327
})
@@ -333,7 +333,7 @@ pub trait CryptoClient: PollClient {
333333
location: Location,
334334
) -> ClientResult<'_, reply::UnsafeInjectSharedKey, Self> {
335335
self.request(request::UnsafeInjectSharedKey {
336-
raw_key: ShortData::from_slice(raw_key).unwrap(),
336+
raw_key: ShortData::try_from(raw_key).unwrap(),
337337
location,
338338
})
339339
}
@@ -348,8 +348,8 @@ pub trait CryptoClient: PollClient {
348348
attributes: StorageAttributes,
349349
) -> ClientResult<'c, reply::UnwrapKey, Self> {
350350
let associated_data =
351-
Message::from_slice(associated_data).map_err(|_| ClientError::DataTooLarge)?;
352-
let nonce = ShortData::from_slice(nonce).map_err(|_| ClientError::DataTooLarge)?;
351+
Message::try_from(associated_data).map_err(|_| ClientError::DataTooLarge)?;
352+
let nonce = ShortData::try_from(nonce).map_err(|_| ClientError::DataTooLarge)?;
353353
self.request(request::UnwrapKey {
354354
mechanism,
355355
wrapping_key,
@@ -369,7 +369,7 @@ pub trait CryptoClient: PollClient {
369369
nonce: Option<ShortData>,
370370
) -> ClientResult<'_, reply::WrapKey, Self> {
371371
let associated_data =
372-
Bytes::from_slice(associated_data).map_err(|_| ClientError::DataTooLarge)?;
372+
Bytes::try_from(associated_data).map_err(|_| ClientError::DataTooLarge)?;
373373
self.request(request::WrapKey {
374374
mechanism,
375375
wrapping_key,

core/src/client/mechanisms.rs

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ pub trait Aes256Cbc: CryptoClient {
2828
wrapping_key,
2929
key,
3030
&[],
31-
iv.and_then(|iv| ShortData::from_slice(iv).ok()),
31+
iv.and_then(|iv| ShortData::try_from(iv).ok()),
3232
)
3333
}
3434
}
@@ -64,7 +64,7 @@ pub trait Chacha8Poly1305: CryptoClient {
6464
key,
6565
message,
6666
associated_data,
67-
nonce.and_then(|nonce| ShortData::from_slice(nonce).ok()),
67+
nonce.and_then(|nonce| ShortData::try_from(nonce).ok()),
6868
)
6969
}
7070

@@ -88,7 +88,7 @@ pub trait Chacha8Poly1305: CryptoClient {
8888
self.unwrap_key(
8989
Mechanism::Chacha8Poly1305,
9090
wrapping_key,
91-
Message::from_slice(wrapped_key).map_err(|_| ClientError::DataTooLarge)?,
91+
Message::try_from(wrapped_key).map_err(|_| ClientError::DataTooLarge)?,
9292
associated_data,
9393
&[],
9494
StorageAttributes::new().set_persistence(location),
@@ -107,7 +107,7 @@ pub trait Chacha8Poly1305: CryptoClient {
107107
wrapping_key,
108108
key,
109109
associated_data,
110-
nonce.and_then(|nonce| ShortData::from_slice(nonce).ok()),
110+
nonce.and_then(|nonce| ShortData::try_from(nonce).ok()),
111111
)
112112
}
113113
}
@@ -122,7 +122,7 @@ pub trait HmacBlake2s: CryptoClient {
122122
self.derive_key(
123123
Mechanism::HmacBlake2s,
124124
base_key,
125-
Some(MediumData::from_slice(message).map_err(|_| ClientError::DataTooLarge)?),
125+
Some(MediumData::try_from(message).map_err(|_| ClientError::DataTooLarge)?),
126126
StorageAttributes::new().set_persistence(persistence),
127127
)
128128
}
@@ -151,7 +151,7 @@ pub trait HmacSha1: CryptoClient {
151151
self.derive_key(
152152
Mechanism::HmacSha1,
153153
base_key,
154-
Some(MediumData::from_slice(message).map_err(|_| ClientError::DataTooLarge)?),
154+
Some(MediumData::try_from(message).map_err(|_| ClientError::DataTooLarge)?),
155155
StorageAttributes::new().set_persistence(persistence),
156156
)
157157
}
@@ -180,7 +180,7 @@ pub trait HmacSha256: CryptoClient {
180180
self.derive_key(
181181
Mechanism::HmacSha256,
182182
base_key,
183-
Some(MediumData::from_slice(message).map_err(|_| ClientError::DataTooLarge)?),
183+
Some(MediumData::try_from(message).map_err(|_| ClientError::DataTooLarge)?),
184184
StorageAttributes::new().set_persistence(persistence),
185185
)
186186
}
@@ -209,7 +209,7 @@ pub trait HmacSha512: CryptoClient {
209209
self.derive_key(
210210
Mechanism::HmacSha512,
211211
base_key,
212-
Some(MediumData::from_slice(message).map_err(|_| ClientError::DataTooLarge)?),
212+
Some(MediumData::try_from(message).map_err(|_| ClientError::DataTooLarge)?),
213213
StorageAttributes::new().set_persistence(persistence),
214214
)
215215
}
@@ -568,7 +568,7 @@ pub trait Sha256: CryptoClient {
568568
fn hash_sha256<'c>(&'c mut self, message: &[u8]) -> ClientResult<'c, reply::Hash, Self> {
569569
self.hash(
570570
Mechanism::Sha256,
571-
Message::from_slice(message).map_err(|_| ClientError::DataTooLarge)?,
571+
Message::try_from(message).map_err(|_| ClientError::DataTooLarge)?,
572572
)
573573
}
574574
}

core/src/serde_extensions.rs

Lines changed: 12 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,16 @@ use crate::{
2020
types::Bytes,
2121
};
2222

23+
pub(crate) fn postcard_serialize_bytes<T: serde::Serialize, const N: usize>(
24+
object: &T,
25+
) -> postcard::Result<Bytes<N>> {
26+
let mut vec = Bytes::new();
27+
vec.resize_to_capacity();
28+
let serialized = postcard::to_slice(object, &mut vec)?.len();
29+
vec.resize(serialized, 0).unwrap();
30+
Ok(vec)
31+
}
32+
2333
/// A Trussed API extension.
2434
pub trait Extension {
2535
/// The requests supported by this extension.
@@ -37,8 +47,7 @@ pub trait Extension {
3747
id: u8,
3848
request: &Self::Request,
3949
) -> Result<request::SerdeExtension, ClientError> {
40-
postcard::to_vec(request)
41-
.map(Bytes::from)
50+
postcard_serialize_bytes(request)
4251
.map(|request| request::SerdeExtension { id, request })
4352
.map_err(|_| ClientError::SerializationFailed)
4453
}
@@ -60,8 +69,7 @@ pub trait Extension {
6069
/// crate releases.
6170
#[inline(never)]
6271
fn serialize_reply(reply: &Self::Reply) -> Result<reply::SerdeExtension, Error> {
63-
postcard::to_vec(reply)
64-
.map(Bytes::from)
72+
postcard_serialize_bytes(reply)
6573
.map(|reply| reply::SerdeExtension { reply })
6674
.map_err(|_| Error::ReplySerializationFailure)
6775
}

src/lib.rs

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -66,8 +66,11 @@ pub(crate) use postcard::from_bytes as postcard_deserialize;
6666
pub(crate) fn postcard_serialize_bytes<T: serde::Serialize, const N: usize>(
6767
object: &T,
6868
) -> postcard::Result<Bytes<N>> {
69-
let vec = postcard::to_vec(object)?;
70-
Ok(Bytes::from(vec))
69+
let mut vec = Bytes::new();
70+
vec.resize_to_capacity();
71+
let serialized = postcard::to_slice(object, &mut vec)?.len();
72+
vec.resize(serialized, 0).unwrap();
73+
Ok(vec)
7174
}
7275

7376
#[cfg(test)]

src/mechanisms/aes256cbc.rs

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -57,7 +57,7 @@ impl Encrypt for super::Aes256Cbc {
5757
.encrypt_padded_mut::<ZeroPadding>(&mut buffer, l)
5858
.unwrap();
5959

60-
let ciphertext = Message::from_slice(ciphertext).unwrap();
60+
let ciphertext = Message::try_from(ciphertext).unwrap();
6161
Ok(reply::Encrypt {
6262
ciphertext,
6363
nonce: ShortData::new(),
@@ -78,7 +78,7 @@ impl WrapKey for super::Aes256Cbc {
7878

7979
// let message: Message = serialized_key.material.try_to_byte_buf().map_err(|_| Error::InternalError)?;
8080

81-
let message = Message::from_slice(
81+
let message = Message::try_from(
8282
keystore
8383
.load_key(key::Secrecy::Secret, None, &request.key)?
8484
.material
@@ -152,7 +152,7 @@ impl Decrypt for super::Aes256Cbc {
152152
.decrypt_padded_mut::<ZeroPadding>(&mut buffer)
153153
.unwrap();
154154
// hprintln!("decrypted: {:?}", &plaintext).ok();
155-
let plaintext = Message::from_slice(plaintext).unwrap();
155+
let plaintext = Message::try_from(plaintext).unwrap();
156156

157157
Ok(reply::Decrypt {
158158
plaintext: Some(plaintext),

src/mechanisms/chacha8poly1305.rs

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -155,8 +155,8 @@ impl Encrypt for super::Chacha8Poly1305 {
155155
.try_into()
156156
.unwrap();
157157

158-
let nonce = ShortData::from_slice(&nonce).unwrap();
159-
let tag = ShortData::from_slice(&tag).unwrap();
158+
let nonce = ShortData::try_from(&nonce).unwrap();
159+
let tag = ShortData::try_from(&tag).unwrap();
160160

161161
// let ciphertext = Message::from_slice(&ciphertext).unwrap();
162162
Ok(reply::Encrypt {
@@ -179,7 +179,7 @@ impl WrapKey for super::Chacha8Poly1305 {
179179
// TODO: need to check both secret and private keys
180180
let serialized_key = keystore.load_key(key::Secrecy::Secret, None, &request.key)?;
181181

182-
let message = Message::from_slice(&serialized_key.serialize()).unwrap();
182+
let message = Message::try_from(&*serialized_key.serialize()).unwrap();
183183

184184
let encryption_request = request::Encrypt {
185185
mechanism: Mechanism::Chacha8Poly1305,

src/mechanisms/ed255.rs

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -140,7 +140,7 @@ impl SerializeKey for super::Ed255 {
140140
let cose_pk = cosey::Ed25519PublicKey {
141141
// x: Bytes::from_slice(public_key.x_coordinate()).unwrap(),
142142
// x: Bytes::from_slice(&buf).unwrap(),
143-
x: Bytes::from_slice(public_key.as_bytes()).unwrap(),
143+
x: Bytes::try_from(public_key.as_bytes()).unwrap(),
144144
};
145145
crate::cbor_serialize_bytes(&cose_pk).map_err(|_| Error::CborError)?
146146
}
@@ -196,7 +196,7 @@ impl Sign for super::Ed255 {
196196
let keypair = load_keypair(keystore, &key_id)?;
197197

198198
let native_signature = keypair.sign(&request.message);
199-
let our_signature = Signature::from_slice(&native_signature.to_bytes()).unwrap();
199+
let our_signature = Signature::try_from(&native_signature.to_bytes()).unwrap();
200200

201201
// hprintln!("Ed255 signature:").ok();
202202
// hprintln!("msg: {:?}", &request.message).ok();

src/mechanisms/hmacsha1.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@ impl Sign for super::HmacSha1 {
6060

6161
mac.update(&request.message);
6262
let result = mac.finalize();
63-
let signature = Signature::from_slice(&result.into_bytes()).unwrap();
63+
let signature = Signature::try_from(&*result.into_bytes()).unwrap();
6464

6565
Ok(reply::Sign { signature })
6666
}

src/mechanisms/hmacsha256.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -65,7 +65,7 @@ impl Sign for super::HmacSha256 {
6565

6666
mac.update(&request.message);
6767
let result = mac.finalize();
68-
let signature = Signature::from_slice(&result.into_bytes()).unwrap();
68+
let signature = Signature::try_from(&*result.into_bytes()).unwrap();
6969

7070
Ok(reply::Sign { signature })
7171
}

0 commit comments

Comments
 (0)