From dfbcb41d2ec0d0dda4be66d23f637aebdcecf21f Mon Sep 17 00:00:00 2001 From: Robin Krahl Date: Mon, 23 Jan 2023 13:52:22 +0100 Subject: [PATCH 01/10] Make some types non-exhaustive This patch makes enums and structs that are likely to change if we add new functionality non-exhaustive. This makes it possible to add new features without breaking compatibility. --- CHANGELOG.md | 2 ++ src/api/macros.rs | 2 ++ src/error.rs | 1 + src/types.rs | 4 ++++ 4 files changed, 9 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index de453af138e..e2454a18850 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -32,6 +32,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Upgrade the `interchange` dependency to version 0.3.0 ([#99][]) - As a consequence the type `pipe::TrussedInterchange` becomes a const`pipe::TRUSSED_INTERCHANGE` - Updated `littlefs2` to 0.4.0. +- Made `Request`, `Reply`, `Error`, `Context`, `CoreContext`, `Mechanism`, + `ui::Status` non-exhaustive. ### Fixed diff --git a/src/api/macros.rs b/src/api/macros.rs index 0de36555b52..9a486a72e30 100644 --- a/src/api/macros.rs +++ b/src/api/macros.rs @@ -3,6 +3,7 @@ macro_rules! generate_enums { #[derive(Clone, Eq, PartialEq, Debug)] #[allow(clippy::large_enum_variant)] + #[non_exhaustive] pub enum Request { DummyRequest, // for testing $( @@ -13,6 +14,7 @@ macro_rules! generate_enums { #[derive(Clone, Eq, PartialEq, Debug)] #[allow(clippy::large_enum_variant)] + #[non_exhaustive] pub enum Reply { DummyReply, // for testing $( diff --git a/src/error.rs b/src/error.rs index 5d48d4b3394..1444789aa64 100644 --- a/src/error.rs +++ b/src/error.rs @@ -7,6 +7,7 @@ pub type Result = core::result::Result; #[derive(Copy, Clone, Eq, PartialEq, Debug)] #[repr(u32)] +#[non_exhaustive] pub enum Error { // cryptoki errors HostMemory = 0x0000_0002, diff --git a/src/types.rs b/src/types.rs index 3e41efeb30e..81ded044bf8 100644 --- a/src/types.rs +++ b/src/types.rs 
@@ -170,6 +170,7 @@ pub mod ui { // TODO: Consider whether a simple "language" to specify "patterns" // makes sense, vs. "semantic" indications with platform-specific implementation #[derive(Copy, Clone, Eq, PartialEq, Debug, Serialize, Deserialize)] + #[non_exhaustive] pub enum Status { Idle, WaitingForUserPresence, @@ -242,6 +243,7 @@ pub mod consent { /// The context stores the state used by the standard syscall implementations, see /// [`CoreContext`][]. Additionally, backends can define a custom context for their syscall /// implementations. +#[non_exhaustive] pub struct Context { pub core: CoreContext, pub backends: B, @@ -260,6 +262,7 @@ impl From for Context { // currently has. Trussed currently uses it to choose the client-specific // subtree in the filesystem (see docs in src/store.rs) and to maintain // the walker state of the directory traversal syscalls. +#[non_exhaustive] pub struct CoreContext { pub path: PathBuf, pub read_dir_state: Option, @@ -545,6 +548,7 @@ impl Default for StorageAttributes { } #[derive(Copy, Clone, Eq, PartialEq, Debug, Serialize, Deserialize)] +#[non_exhaustive] pub enum Mechanism { Aes256Cbc, Chacha8Poly1305, From c749b095ee4676cf4fa351cef992d96240cb914f Mon Sep 17 00:00:00 2001 From: Robin Krahl Date: Mon, 23 Jan 2023 13:54:50 +0100 Subject: [PATCH 02/10] Remove public postcard re-exports postcard serialization is only used internally and therefore is an implementation detail that should not be part of the public API. Crates that also need postcard serialization should declare their own dependency for that. --- CHANGELOG.md | 2 ++ src/lib.rs | 7 ++++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e2454a18850..724978871f0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
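Review bot: `#[non_exhaustive]` on `CoreContext` (hunk `@@ -260,6 +262,7 @@`) and on `Context` stops every other crate from building these structs with a struct literal, even though their fields stay `pub`. `Context` has the `From` impl named in the hunk header, but no constructor for `CoreContext` is visible in this patch, so backends and out-of-crate tests may lose their only way to create one. If the file has no public constructor elsewhere, add one in the same commit and mention it in the doc comment, e.g. `/// Non-exhaustive: create via the public constructor, not a struct literal.` Both struct definitions continue past the end of their hunks.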
@@ -34,6 +34,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Updated `littlefs2` to 0.4.0. - Made `Request`, `Reply`, `Error`, `Context`, `CoreContext`, `Mechanism`, `ui::Status` non-exhaustive. +- Made `postcard_deserialize`, `postcard_serialize` and + `postcard_serialize_bytes` private. ### Fixed diff --git a/src/lib.rs b/src/lib.rs index b45fc39a8f4..177dd376c01 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -48,11 +48,12 @@ pub use error::Error; pub use platform::Platform; pub use service::Service; -pub use cbor_smol::{cbor_deserialize, cbor_serialize, cbor_serialize_bytes}; +pub use cbor_smol::{cbor_deserialize, cbor_serialize_bytes}; pub use heapless_bytes::Bytes; -pub use postcard::{from_bytes as postcard_deserialize, to_slice as postcard_serialize}; -pub fn postcard_serialize_bytes( +pub(crate) use postcard::from_bytes as postcard_deserialize; + +pub(crate) fn postcard_serialize_bytes( object: &T, ) -> postcard::Result> { let vec = postcard::to_vec(object)?; From 05ccd77148301bd25b948c85463c267a9bb22485 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sosth=C3=A8ne=20Gu=C3=A9don?= Date: Thu, 6 Oct 2022 10:39:04 +0200 Subject: [PATCH 03/10] Update aes dependency and replace block-modes by cbc --- Cargo.toml | 4 ++-- src/mechanisms/aes256cbc.rs | 24 ++++++++++++------------ tests/aes256cbc.rs | 9 +++++---- 3 files changed, 19 insertions(+), 18 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 76dfbcf92a0..804cd926af3 100644 --- a/Cargo.toml +++ b/Cargo.toml 
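Review bot: The changed `pub use cbor_smol::…` line in src/lib.rs also drops `cbor_serialize` from the public re-exports, which neither the commit message nor the CHANGELOG entry mentions; both speak only of the postcard functions. If the removal is intended, list it in the changelog next to the postcard items; if not, keep `pub use cbor_smol::{cbor_deserialize, cbor_serialize, cbor_serialize_bytes};`. Also, `postcard_serialize` is deleted outright rather than made `pub(crate)`, which the changelog wording "made private" does not quite describe. `postcard_serialize_bytes` continues past the end of the hunk.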
@@ -26,9 +26,9 @@ serde = { version = "1.0", default-features = false } zeroize = { version = "1.2", default-features = false, features = ["zeroize_derive"] } # RustCrypto -aes = { version = "0.7", default-features = false } +aes = { version = "0.8", default-features = false } +cbc = "0.1.2" blake2 = { version = "0.9", default-features = false, optional = true } -block-modes = { version = "0.8", default-features = false } chacha20 = { version = "0.7", default-features = false, features = ["rng"] } chacha20poly1305 = { version = "0.8", default-features = false, features = ["heapless", "reduced-round"] } des = { version = "0.7", optional = true } diff --git a/src/mechanisms/aes256cbc.rs b/src/mechanisms/aes256cbc.rs index 9afa40ea7e8..a49d4a7e230 100644 --- a/src/mechanisms/aes256cbc.rs +++ b/src/mechanisms/aes256cbc.rs @@ -13,13 +13,11 @@ impl Encrypt for super::Aes256Cbc { keystore: &mut impl Keystore, request: &request::Encrypt, ) -> Result { - use block_modes::{BlockMode, Cbc}; - // use block_modes::Cbc; use aes::Aes256; - use block_modes::block_padding::ZeroPadding; + use cbc::cipher::{block_padding::ZeroPadding, BlockEncryptMut, KeyIvInit}; + type Aes256CbcEnc = cbc::Encryptor; // TODO: perhaps use NoPadding and have client pad, to emphasize spec-conformance? - type Aes256Cbc = Cbc; let key_id = request.key; let key = keystore.load_key(key::Secrecy::Secret, None, &key_id)?; @@ -34,7 +32,7 @@ impl Encrypt for super::Aes256Cbc { .map_err(|_| Error::InternalError)?; let zero_iv = [0u8; 16]; - let cipher = Aes256Cbc::new_from_slices(&symmetric_key, &zero_iv).unwrap(); + let cipher = Aes256CbcEnc::new_from_slices(&symmetric_key, &zero_iv).unwrap(); // buffer must have enough space for message+padding let mut buffer = request.message.clone(); 
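Review bot: `Aes256CbcEnc::new_from_slices(&symmetric_key, &zero_iv)` in the `@@ -34,7 +32,7 @@` hunk still keys CBC with a constant all-zero IV and nothing beside it says why; the same holds for `Aes256CbcDec` in the `@@ -120,7 +118,7 @@` hunk. With a fixed IV the mechanism is deterministic per key, so equal messages, and messages sharing leading blocks, give equal ciphertext blocks, and CBC by itself provides no integrity protection. If the zero IV is required by the protocol this mechanism serves (the TODO about spec-conformance hints at that), record the constraint next to `zero_iv`, e.g. `// Fixed zero IV: deterministic and unauthenticated; only use for unique/random plaintext under a given key`. `encrypt` starts before and ends after this hunk.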
@@ -47,7 +45,9 @@ impl Encrypt for super::Aes256Cbc { // Encrypt message in-place. // &buffer[..pos] is used as a message and &buffer[pos..] as a reserved space for padding. // The padding space should be big enough for padding, otherwise method will return Err(BlockModeError). - let ciphertext = cipher.encrypt(&mut buffer, l).unwrap(); + let ciphertext = cipher + .encrypt_padded_mut::(&mut buffer, l) + .unwrap(); let ciphertext = Message::from_slice(ciphertext).unwrap(); Ok(reply::Encrypt { @@ -99,13 +99,11 @@ impl Decrypt for super::Aes256Cbc { keystore: &mut impl Keystore, request: &request::Decrypt, ) -> Result { - use block_modes::{BlockMode, Cbc}; - // use block_modes::Cbc; use aes::Aes256; - use block_modes::block_padding::ZeroPadding; + use cbc::cipher::{block_padding::ZeroPadding, BlockDecryptMut, KeyIvInit}; // TODO: perhaps use NoPadding and have client pad, to emphasize spec-conformance? - type Aes256Cbc = Cbc; + type Aes256CbcDec = cbc::Decryptor; let key_id = request.key; let key = keystore.load_key(key::Secrecy::Secret, None, &key_id)?; @@ -120,7 +118,7 @@ impl Decrypt for super::Aes256Cbc { .map_err(|_| Error::InternalError)?; let zero_iv = [0u8; 16]; - let cipher = Aes256Cbc::new_from_slices(&symmetric_key, &zero_iv).unwrap(); + let cipher = Aes256CbcDec::new_from_slices(&symmetric_key, &zero_iv).unwrap(); // buffer must have enough space for message+padding let mut buffer = request.message.clone(); @@ -134,7 +132,9 @@ impl Decrypt for super::Aes256Cbc { // if after decoding message has malformed padding. // hprintln!("encrypted: {:?}", &buffer).ok(); // hprintln!("symmetric key: {:?}", &symmetric_key).ok(); - let plaintext = cipher.decrypt(&mut buffer).unwrap(); + let plaintext = cipher + .decrypt_padded_mut::(&mut buffer) + .unwrap(); // hprintln!("decrypted: {:?}", &plaintext).ok(); let plaintext = Message::from_slice(plaintext).unwrap(); diff --git a/tests/aes256cbc.rs b/tests/aes256cbc.rs index 6babe7a8466..9310dfa21a0 100644 
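Review bot: `encrypt_padded_mut` here and `decrypt_padded_mut` in the `@@ -134,7 +132,9 @@` hunk are still followed by `.unwrap()`, so a failure in either becomes a panic in the service instead of an error reply. For decryption the buffer is a copy of `request.message`, and `decrypt_padded_mut` returns an error when the input length is not a multiple of the block size; unless the lines between the hunks check that, a client-supplied message of the wrong length can trigger the panic. Propagate the error the way the key handling above does, e.g. `.map_err(|_| Error::InternalError)?` (or a more specific variant if `Error` has one). The context comment also still refers to `Err(BlockModeError)`, a `block-modes` type that no longer applies after this change. Both function bodies extend beyond these hunks.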
--- a/tests/aes256cbc.rs +++ b/tests/aes256cbc.rs @@ -9,8 +9,7 @@ use trussed::types::Location::*; use trussed::types::{Mechanism, StorageAttributes}; use aes::Aes256; -use block_modes::block_padding::ZeroPadding; -use block_modes::{BlockMode, Cbc}; +use cbc::cipher::{block_padding::ZeroPadding, BlockEncryptMut, KeyIvInit}; use sha2::digest::Digest; #[test] @@ -25,9 +24,11 @@ fn aes256cbc() { let hash = sha2::Sha256::new(); let key_ref = hash.finalize(); - let cipher = Cbc::::new_from_slices(&key_ref, &[0; 16]).unwrap(); + let cipher = cbc::Encryptor::::new_from_slices(&key_ref, &[0; 16]).unwrap(); let mut buffer = [48; 64]; - cipher.encrypt(&mut buffer, 64).unwrap(); + cipher + .encrypt_padded_mut::(&mut buffer, 64) + .unwrap(); assert_ne!(buffer, [48; 64]); assert_eq!(buffer.as_slice(), ciphertext.as_slice()); From fd0679c7c97be018d003d7aad97f117d5fffb7af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sosth=C3=A8ne=20Gu=C3=A9don?= Date: Thu, 6 Oct 2022 10:56:50 +0200 Subject: [PATCH 04/10] Update chacha dependency The `rng` feature is replaced by rand_chacha --- Cargo.toml | 5 +++-- src/mechanisms/chacha8poly1305.rs | 8 ++++---- src/service.rs | 5 ++--- src/store/certstore.rs | 2 +- src/store/counterstore.rs | 2 +- src/store/keystore.rs | 2 +- src/tests.rs | 3 ++- src/virt.rs | 2 +- 8 files changed, 15 insertions(+), 14 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 804cd926af3..51fb98a7a49 100644 --- a/Cargo.toml +++ b/Cargo.toml 
@@ -24,13 +24,14 @@ postcard = "0.7.0" rand_core = "0.6" serde = { version = "1.0", default-features = false } zeroize = { version = "1.2", default-features = false, features = ["zeroize_derive"] } +rand_chacha = { version = "0.3.1", default-features = false } # RustCrypto aes = { version = "0.8", default-features = false } cbc = "0.1.2" blake2 = { version = "0.9", default-features = false, optional = true } -chacha20 = { version = "0.7", default-features = false, features = ["rng"] } -chacha20poly1305 = { version = "0.8", default-features = false, features = ["heapless", "reduced-round"] } +chacha20 = { version = "0.9", default-features = false } +chacha20poly1305 = { version = "0.10", default-features = false, features = ["heapless", "reduced-round"] } des = { version = "0.7", optional = true } hmac = "0.11" sha-1 = { version = "0.9", default-features = false, optional = true } diff --git a/src/mechanisms/chacha8poly1305.rs b/src/mechanisms/chacha8poly1305.rs index 88dde6f76ba..7e20dca4121 100644 --- a/src/mechanisms/chacha8poly1305.rs +++ b/src/mechanisms/chacha8poly1305.rs @@ -67,7 +67,7 @@ impl Decrypt for super::Chacha8Poly1305 { keystore: &mut impl Keystore, request: &request::Decrypt, ) -> Result { - use chacha20poly1305::aead::{AeadInPlace, NewAead}; + use chacha20poly1305::aead::{AeadMutInPlace, KeyInit}; use chacha20poly1305::ChaCha8Poly1305; let key = keystore.load_key(key::Secrecy::Secret, None, &request.key)?; @@ -80,7 +80,7 @@ impl Decrypt for super::Chacha8Poly1305 { let symmetric_key = &serialized[..KEY_LEN]; - let aead = ChaCha8Poly1305::new(&GenericArray::clone_from_slice(symmetric_key)); + let mut aead = ChaCha8Poly1305::new(&GenericArray::clone_from_slice(symmetric_key)); let mut plaintext = request.message.clone(); let nonce = GenericArray::from_slice(&request.nonce); 
@@ -110,7 +110,7 @@ impl Encrypt for super::Chacha8Poly1305 { keystore: &mut impl Keystore, request: &request::Encrypt, ) -> Result { - use chacha20poly1305::aead::{AeadInPlace, NewAead}; + use chacha20poly1305::aead::{AeadMutInPlace, KeyInit}; use chacha20poly1305::ChaCha8Poly1305; // load key and nonce @@ -138,7 +138,7 @@ impl Encrypt for super::Chacha8Poly1305 { _ => return Err(Error::WrongKeyKind), } - let aead = ChaCha8Poly1305::new(&GenericArray::from(symmetric_key)); + let mut aead = ChaCha8Poly1305::new(&GenericArray::from(symmetric_key)); let mut ciphertext = request.message.clone(); let tag: [u8; TAG_LEN] = aead diff --git a/src/service.rs b/src/service.rs index 6da1cd908d2..16831f1f8e1 100644 --- a/src/service.rs +++ b/src/service.rs @@ -1,6 +1,5 @@ -use chacha20::ChaCha8Rng; - use littlefs2::path::PathBuf; +use rand_chacha::ChaCha8Rng; pub use rand_core::{RngCore, SeedableRng}; use crate::api::*; @@ -657,7 +656,7 @@ impl ServiceResources

{ } // 3. Initialize ChaCha8 construction with our seed. - let mut rng = chacha20::ChaCha8Rng::from_seed(our_seed); + let mut rng = ChaCha8Rng::from_seed(our_seed); // 4. Store freshly drawn seed for next boot. let mut seed_to_store = [0u8; 32]; diff --git a/src/store/certstore.rs b/src/store/certstore.rs index d5d181335b8..dcb991f2a20 100644 --- a/src/store/certstore.rs +++ b/src/store/certstore.rs @@ -1,5 +1,5 @@ -use chacha20::ChaCha8Rng; use littlefs2::path::PathBuf; +use rand_chacha::ChaCha8Rng; use crate::{ error::{Error, Result}, diff --git a/src/store/counterstore.rs b/src/store/counterstore.rs index 811fd051215..e967c50b7ab 100644 --- a/src/store/counterstore.rs +++ b/src/store/counterstore.rs @@ -1,5 +1,5 @@ -use chacha20::ChaCha8Rng; use littlefs2::path::PathBuf; +use rand_chacha::ChaCha8Rng; use crate::{ error::{Error, Result}, diff --git a/src/store/keystore.rs b/src/store/keystore.rs index fae30af842f..32393b3b6f8 100644 --- a/src/store/keystore.rs +++ b/src/store/keystore.rs @@ -1,5 +1,5 @@ -use chacha20::ChaCha8Rng; use littlefs2::path::PathBuf; +use rand_chacha::ChaCha8Rng; use crate::{ config::MAX_KEY_MATERIAL_LENGTH, diff --git a/src/tests.rs b/src/tests.rs index 5a781f98413..379e748949f 100644 --- a/src/tests.rs +++ b/src/tests.rs @@ -13,7 +13,8 @@ pub struct MockRng(ChaCha20); impl MockRng { pub fn new() -> Self { - use chacha20::cipher::NewCipher; + use chacha20::cipher::KeyIvInit; + let key = GenericArray::from_slice(b"an example very very secret key."); let nonce = GenericArray::from_slice(b"secret nonce"); Self(ChaCha20::new(key, nonce)) diff --git a/src/virt.rs b/src/virt.rs index 0f748400a2e..a6ddfb7c512 100644 --- a/src/virt.rs +++ b/src/virt.rs @@ -8,7 +8,7 @@ mod ui; use std::{path::PathBuf, sync::Mutex}; -use chacha20::ChaCha8Rng; +use rand_chacha::ChaCha8Rng; use rand_core::SeedableRng as _; use crate::{ From 7cffc437ee4f70dcdc99c30808a8d9b3adacfa1d Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Sosth=C3=A8ne=20Gu=C3=A9don?= Date: Thu, 6 Oct 2022 11:05:29 +0200 Subject: [PATCH 05/10] Update des dependency --- Cargo.toml | 2 +- src/mechanisms/tdes.rs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 51fb98a7a49..23cdc1fcfdb 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -32,7 +32,7 @@ cbc = "0.1.2" blake2 = { version = "0.9", default-features = false, optional = true } chacha20 = { version = "0.9", default-features = false } chacha20poly1305 = { version = "0.10", default-features = false, features = ["heapless", "reduced-round"] } -des = { version = "0.7", optional = true } +des = { version = "0.8", optional = true } hmac = "0.11" sha-1 = { version = "0.9", default-features = false, optional = true } sha2 = { version = "0.9", default-features = false } diff --git a/src/mechanisms/tdes.rs b/src/mechanisms/tdes.rs index 245ad92c627..5734c1ba7af 100644 --- a/src/mechanisms/tdes.rs +++ b/src/mechanisms/tdes.rs @@ -6,7 +6,7 @@ // use cortex_m_semihosting::{dbg, hprintln}; // needed to even get ::new() from des... -use des::cipher::{BlockDecrypt, BlockEncrypt, NewBlockCipher}; +use des::cipher::{BlockDecrypt, BlockEncrypt, KeyInit}; use crate::api::*; use crate::error::Error; From 86e17c784bbb399c88a0351eaeb8632b366dcdcd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sosth=C3=A8ne=20Gu=C3=A9don?= Date: Thu, 6 Oct 2022 11:06:45 +0200 Subject: [PATCH 06/10] Update hmac, sha and blak2 dependencies --- Cargo.toml | 8 ++++---- src/mechanisms/hmacblake2s.rs | 11 ++++++----- src/mechanisms/hmacsha1.rs | 4 ++-- src/mechanisms/hmacsha256.rs | 4 ++-- src/mechanisms/hmacsha512.rs | 4 ++-- src/mechanisms/totp.rs | 2 +- 6 files changed, 17 insertions(+), 16 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 23cdc1fcfdb..c4916828e5a 100644 --- a/Cargo.toml +++ b/Cargo.toml 
@@ -29,13 +29,13 @@ rand_chacha = { version = "0.3.1", default-features = false } # RustCrypto aes = { version = "0.8", default-features = false } cbc = "0.1.2" -blake2 = { version = "0.9", default-features = false, optional = true } +blake2 = { version = "0.10", default-features = false, optional = true } chacha20 = { version = "0.9", default-features = false } chacha20poly1305 = { version = "0.10", default-features = false, features = ["heapless", "reduced-round"] } des = { version = "0.8", optional = true } -hmac = "0.11" -sha-1 = { version = "0.9", default-features = false, optional = true } -sha2 = { version = "0.9", default-features = false } +hmac = "0.12" +sha-1 = { version = "0.10", default-features = false, optional = true } +sha2 = { version = "0.10", default-features = false } # ours cosey = "0.3" diff --git a/src/mechanisms/hmacblake2s.rs b/src/mechanisms/hmacblake2s.rs index d9ffea5810e..1f3320e1b54 100644 --- a/src/mechanisms/hmacblake2s.rs +++ b/src/mechanisms/hmacblake2s.rs @@ -10,8 +10,9 @@ impl DeriveKey for super::HmacBlake2s { keystore: &mut impl Keystore, request: &request::DeriveKey, ) -> Result { - use hmac::{Hmac, Mac, NewMac}; - type HmacBlake2s = Hmac; + use blake2::Blake2s256; + use hmac::{Mac, SimpleHmac}; + type HmacBlake2s = SimpleHmac; let key = keystore.load_key(key::Secrecy::Secret, None, &request.base_key)?; if !matches!(key.kind, key::Kind::Symmetric(..) | key::Kind::Shared(..)) { @@ -45,9 +46,9 @@ impl DeriveKey for super::HmacBlake2s { impl Sign for super::HmacBlake2s { #[inline(never)] fn sign(keystore: &mut impl Keystore, request: &request::Sign) -> Result { - use blake2::Blake2s; - use hmac::{Hmac, Mac, NewMac}; - type HmacBlake2s = Hmac; + use blake2::Blake2s256; + use hmac::{Mac, SimpleHmac}; + type HmacBlake2s = SimpleHmac; let key = keystore.load_key(key::Secrecy::Secret, None, &request.key)?; if !matches!(key.kind, key::Kind::Symmetric(..) | key::Kind::Shared(..)) { 
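Review bot: The switch of `HmacBlake2s` from `Hmac` to `SimpleHmac` over `Blake2s256` in `derive_key` (hunk `@@ -10,8 +10,9 @@`) and in `sign` (hunk `@@ -45,9 +46,9 @@`) replaces the HMAC implementation without a test that pins its output. Keys derived and MACs produced before the upgrade have to stay reproducible, so a known-answer test with a fixed key and message would confirm that both constructions agree. A short comment on the alias would also explain the choice, e.g. `// blake2 0.10 hashes do not expose the block-level API that Hmac needs; SimpleHmac computes the same HMAC` (worth confirming against the hmac crate docs). Both function bodies continue outside the hunks.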
diff --git a/src/mechanisms/hmacsha1.rs b/src/mechanisms/hmacsha1.rs index 7ae3e0f7c3f..f35a20fe505 100644 --- a/src/mechanisms/hmacsha1.rs +++ b/src/mechanisms/hmacsha1.rs @@ -10,7 +10,7 @@ impl DeriveKey for super::HmacSha1 { keystore: &mut impl Keystore, request: &request::DeriveKey, ) -> Result { - use hmac::{Hmac, Mac, NewMac}; + use hmac::{Hmac, Mac}; type HmacSha1 = Hmac; let key_id = request.base_key; @@ -46,7 +46,7 @@ impl DeriveKey for super::HmacSha1 { impl Sign for super::HmacSha1 { #[inline(never)] fn sign(keystore: &mut impl Keystore, request: &request::Sign) -> Result { - use hmac::{Hmac, Mac, NewMac}; + use hmac::{Hmac, Mac}; use sha1::Sha1; type HmacSha1 = Hmac; diff --git a/src/mechanisms/hmacsha256.rs b/src/mechanisms/hmacsha256.rs index e59c593bee5..f25aaf4d288 100644 --- a/src/mechanisms/hmacsha256.rs +++ b/src/mechanisms/hmacsha256.rs @@ -10,7 +10,7 @@ impl DeriveKey for super::HmacSha256 { keystore: &mut impl Keystore, request: &request::DeriveKey, ) -> Result { - use hmac::{Hmac, Mac, NewMac}; + use hmac::{Hmac, Mac}; type HmacSha256 = Hmac; let key_id = request.base_key; @@ -51,7 +51,7 @@ impl DeriveKey for super::HmacSha256 { impl Sign for super::HmacSha256 { #[inline(never)] fn sign(keystore: &mut impl Keystore, request: &request::Sign) -> Result { - use hmac::{Hmac, Mac, NewMac}; + use hmac::{Hmac, Mac}; use sha2::Sha256; type HmacSha256 = Hmac; diff --git a/src/mechanisms/hmacsha512.rs b/src/mechanisms/hmacsha512.rs index d31ca3f6171..58a981d9218 100644 --- a/src/mechanisms/hmacsha512.rs +++ b/src/mechanisms/hmacsha512.rs @@ -10,7 +10,7 @@ impl DeriveKey for super::HmacSha512 { keystore: &mut impl Keystore, request: &request::DeriveKey, ) -> Result { - use hmac::{Hmac, Mac, NewMac}; + use hmac::{Hmac, Mac}; type HmacSha512 = Hmac; let key = keystore.load_key(key::Secrecy::Secret, None, &request.base_key)?; 
@@ -42,7 +42,7 @@ impl DeriveKey for super::HmacSha512 { impl Sign for super::HmacSha512 { #[inline(never)] fn sign(keystore: &mut impl Keystore, request: &request::Sign) -> Result { - use hmac::{Hmac, Mac, NewMac}; + use hmac::{Hmac, Mac}; use sha2::Sha512; type HmacSha512 = Hmac; diff --git a/src/mechanisms/totp.rs b/src/mechanisms/totp.rs index 1a07d3409be..f47569eb3f0 100644 --- a/src/mechanisms/totp.rs +++ b/src/mechanisms/totp.rs @@ -16,7 +16,7 @@ fn hotp_raw(key: &[u8], counter: u64, digits: u32) -> u64 { #[inline(never)] fn hmac_and_truncate(key: &[u8], message: &[u8], digits: u32) -> u64 { - use hmac::{Hmac, Mac, NewMac}; + use hmac::{Hmac, Mac}; // let mut hmac = Hmac::::new(GenericArray::from_slice(key)); let mut hmac = Hmac::::new_from_slice(key).unwrap(); hmac.update(message); From 75c5520ce07bf4a4fe9336370607bc226bb0d761 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sosth=C3=A8ne=20Gu=C3=A9don?= Date: Fri, 14 Apr 2023 09:56:50 +0200 Subject: [PATCH 07/10] Update serial-test --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index c4916828e5a..1ec3c4a9121 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -50,7 +50,7 @@ serde-indexed = "0.1.0" [dev-dependencies] # Testing -serial_test = { version = "0.6" } +serial_test = { version = "2" } entropy = "0.4.0" once_cell = "1.13.0" # Somehow, this is causing a regression. From 2bc06d955f93841e27a0d2bbe2942f4ac4351edc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sosth=C3=A8ne=20Gu=C3=A9don?= Date: Thu, 6 Oct 2022 15:11:21 +0200 Subject: [PATCH 08/10] Update p256 dependency --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 1ec3c4a9121..4143b6ef1e1 100644 --- a/Cargo.toml +++ b/Cargo.toml 
@@ -44,7 +44,7 @@ cbor-smol = "0.4" heapless-bytes = { version = "0.3.0", features = ["cbor"] } interchange = "0.3.0" littlefs2 = "0.4.0" -p256-cortex-m4 = { version = "0.1.0-alpha.5", features = ["prehash", "sec1-signatures"] } +p256-cortex-m4 = { version = "0.1.0-alpha.6", features = ["prehash", "sec1-signatures"] } salty = { version = "0.2.0", features = ["cose"] } serde-indexed = "0.1.0" From 55ea391367fce4bf5093ff2d3c79041d7aef0485 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sosth=C3=A8ne=20Gu=C3=A9don?= Date: Fri, 14 Apr 2023 10:00:03 +0200 Subject: [PATCH 09/10] Upgrade hex-literal --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 4143b6ef1e1..ffa0ad4f46d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -18,7 +18,7 @@ embedded-hal = { version = "0.2.3", features = ["unproven"] } flexiber = { version = "0.1.0", features = ["derive", "heapless"] } generic-array = "0.14.4" heapless = { version = "0.7", features = ["serde"] } -hex-literal = "0.3.1" +hex-literal = "0.4.1" nb = "1" postcard = "0.7.0" rand_core = "0.6" From e35e5ce13cf9108f890f440609c76489804d863c Mon Sep 17 00:00:00 2001 From: Robin Krahl Date: Sun, 23 Apr 2023 20:16:57 +0200 Subject: [PATCH 10/10] Fix compilation without default features This patch fixes the compilation of all targets if the default features are disabled and adds a CI job that checks this. Fixes: https://github.com/trussed-dev/trussed/issues/90 --- .github/workflows/ci.yml | 4 ++++ src/config.rs | 2 ++ src/mechanisms/aes256cbc.rs | 4 ++-- src/mechanisms/chacha8poly1305.rs | 10 +++++++--- src/mechanisms/ed255.rs | 8 ++++++-- src/mechanisms/p256.rs | 10 ++++++++-- src/mechanisms/tdes.rs | 7 +++++++ src/mechanisms/totp.rs | 9 ++++++++- src/mechanisms/x255.rs | 4 +--- src/tests.rs | 7 +++++++ 10 files changed, 52 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 71ac170e9ff..ab4b18137a3 100644 --- a/.github/workflows/ci.yml 
+++ b/.github/workflows/ci.yml @@ -36,6 +36,10 @@ jobs: - name: Build run: cargo build --verbose --target ${{ matrix.target }} + - name: Check all targets without default features + run: cargo check --all-targets --no-default-features + if: matrix.target == 'x86_64-unknown-linux-gnu' + - name: Check all targets with default features run: cargo check --all-targets if: matrix.target == 'x86_64-unknown-linux-gnu' diff --git a/src/config.rs b/src/config.rs index 174293c2183..ed40e95579c 100644 --- a/src/config.rs +++ b/src/config.rs @@ -40,6 +40,8 @@ cfg_if::cfg_if! { pub const MAX_SERVICE_CLIENTS: usize = 2; } else if #[cfg(feature = "clients-1")] { pub const MAX_SERVICE_CLIENTS: usize = 1; + } else { + pub const MAX_SERVICE_CLIENTS: usize = 0; } } pub const MAX_SHORT_DATA_LENGTH: usize = 128; diff --git a/src/mechanisms/aes256cbc.rs b/src/mechanisms/aes256cbc.rs index a49d4a7e230..6b0ca4c8fcb 100644 --- a/src/mechanisms/aes256cbc.rs +++ b/src/mechanisms/aes256cbc.rs @@ -167,9 +167,9 @@ impl UnsafeInjectKey for super::Aes256Cbc { #[cfg(not(feature = "aes256-cbc"))] impl UnsafeInjectKey for super::Aes256Cbc {} - #[cfg(not(feature = "aes256-cbc"))] impl Decrypt for super::Aes256Cbc {} - #[cfg(not(feature = "aes256-cbc"))] impl Encrypt for super::Aes256Cbc {} +#[cfg(not(feature = "aes256-cbc"))] +impl WrapKey for super::Aes256Cbc {} diff --git a/src/mechanisms/chacha8poly1305.rs b/src/mechanisms/chacha8poly1305.rs index 7e20dca4121..9fe96030bc1 100644 --- a/src/mechanisms/chacha8poly1305.rs +++ b/src/mechanisms/chacha8poly1305.rs @@ -245,8 +245,12 @@ impl UnwrapKey for super::Chacha8Poly1305 { } #[cfg(not(feature = "chacha8-poly1305"))] -impl Decrypt
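Review bot: The new `else` branch in src/config.rs sets `MAX_SERVICE_CLIENTS` to 0 when no `clients-N` feature is selected, so such a build now compiles but presumably cannot serve a single client. That suits `cargo check --no-default-features`, but a firmware build that forgets the feature would then fail only at runtime instead of at compile time. Document the fallback on the constant, e.g. `// No clients-* feature selected: compiles, but the service has no client slots`. The `cfg_if!` block starts above the hunk.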

for super::Chacha8Poly1305 {} +impl Decrypt for super::Chacha8Poly1305 {} #[cfg(not(feature = "chacha8-poly1305"))] -impl Encrypt

for super::Chacha8Poly1305 {} +impl Encrypt for super::Chacha8Poly1305 {} #[cfg(not(feature = "chacha8-poly1305"))] -impl GenerateKey

for super::Chacha8Poly1305 {} +impl WrapKey for super::Chacha8Poly1305 {} +#[cfg(not(feature = "chacha8-poly1305"))] +impl UnwrapKey for super::Chacha8Poly1305 {} +#[cfg(not(feature = "chacha8-poly1305"))] +impl GenerateKey for super::Chacha8Poly1305 {} diff --git a/src/mechanisms/ed255.rs b/src/mechanisms/ed255.rs index 6d3325d0873..808477969c8 100644 --- a/src/mechanisms/ed255.rs +++ b/src/mechanisms/ed255.rs @@ -265,13 +265,17 @@ impl UnsafeInjectKey for super::Ed255 { } } +#[cfg(not(feature = "ed255"))] +impl Exists for super::Ed255 {} #[cfg(not(feature = "ed255"))] impl DeriveKey for super::Ed255 {} #[cfg(not(feature = "ed255"))] impl GenerateKey for super::Ed255 {} #[cfg(not(feature = "ed255"))] +impl SerializeKey for super::Ed255 {} +#[cfg(not(feature = "ed255"))] +impl DeserializeKey for super::Ed255 {} +#[cfg(not(feature = "ed255"))] impl Sign for super::Ed255 {} #[cfg(not(feature = "ed255"))] impl Verify for super::Ed255 {} -#[cfg(not(feature = "ed255"))] -impl UnsafeInjectKey for super::ed255 {} diff --git a/src/mechanisms/p256.rs b/src/mechanisms/p256.rs index 24b056698d4..d2b508c8dcd 100644 --- a/src/mechanisms/p256.rs +++ b/src/mechanisms/p256.rs @@ -373,12 +373,18 @@ impl UnsafeInjectKey for super::P256 { #[cfg(not(feature = "p256"))] impl Agree for super::P256 {} #[cfg(not(feature = "p256"))] +impl Exists for super::P256 {} +#[cfg(not(feature = "p256"))] impl DeriveKey for super::P256 {} #[cfg(not(feature = "p256"))] impl GenerateKey for super::P256 {} #[cfg(not(feature = "p256"))] +impl DeserializeKey for super::P256 {} +#[cfg(not(feature = "p256"))] +impl SerializeKey for super::P256 {} +#[cfg(not(feature = "p256"))] impl Sign for super::P256 {} #[cfg(not(feature = "p256"))] -impl Verify for super::P256 {} +impl Sign for super::P256Prehashed {} #[cfg(not(feature = "p256"))] -impl UnsafeInjectKey for super::P256 {} +impl Verify for super::P256 {} diff --git a/src/mechanisms/tdes.rs b/src/mechanisms/tdes.rs index 5734c1ba7af..7710f04252d 100644 
--- a/src/mechanisms/tdes.rs +++ b/src/mechanisms/tdes.rs @@ -6,6 +6,7 @@ // use cortex_m_semihosting::{dbg, hprintln}; // needed to even get ::new() from des... +#[cfg(feature = "tdes")] use des::cipher::{BlockDecrypt, BlockEncrypt, KeyInit}; use crate::api::*; @@ -109,3 +110,9 @@ impl UnsafeInjectKey for super::Tdes { Ok(reply::UnsafeInjectKey { key: key_id }) } } + +#[cfg(not(feature = "tdes"))] +impl Encrypt for super::Tdes {} + +#[cfg(not(feature = "tdes"))] +impl Decrypt for super::Tdes {} diff --git a/src/mechanisms/totp.rs b/src/mechanisms/totp.rs index f47569eb3f0..dd356841f4b 100644 --- a/src/mechanisms/totp.rs +++ b/src/mechanisms/totp.rs @@ -9,11 +9,13 @@ const TOTP_KEY_SIZE: usize = 20; // https://tools.ietf.org/html/rfc4226#section-5.3 +#[cfg(feature = "totp")] #[inline(never)] fn hotp_raw(key: &[u8], counter: u64, digits: u32) -> u64 { hmac_and_truncate(key, &counter.to_be_bytes(), digits) } +#[cfg(feature = "totp")] #[inline(never)] fn hmac_and_truncate(key: &[u8], message: &[u8], digits: u32) -> u64 { use hmac::{Hmac, Mac}; @@ -91,7 +93,12 @@ impl Exists for super::Totp { } } -#[cfg(test)] +#[cfg(not(feature = "totp"))] +impl Sign for super::Totp {} +#[cfg(not(feature = "totp"))] +impl Exists for super::Totp {} + +#[cfg(all(test, feature = "totp"))] mod tests { use super::*; diff --git a/src/mechanisms/x255.rs b/src/mechanisms/x255.rs index c646c89f72d..8e747a7b0eb 100644 --- a/src/mechanisms/x255.rs +++ b/src/mechanisms/x255.rs @@ -235,10 +235,8 @@ impl GenerateKey for super::X255 {} #[cfg(not(feature = "x255"))] impl Exists for super::X255 {} #[cfg(not(feature = "x255"))] -impl Derive for super::X255 {} +impl DeriveKey for super::X255 {} #[cfg(not(feature = "x255"))] impl SerializeKey for super::X255 {} #[cfg(not(feature = "x255"))] impl DeserializeKey for super::X255 {} -#[cfg(not(feature = "x255"))] -impl UnsafeInjectKey for super::X255 {} diff --git a/src/tests.rs b/src/tests.rs index 379e748949f..af4b9320ce2 100644 --- a/src/tests.rs 
+++ b/src/tests.rs @@ -202,6 +202,7 @@ fn dummy() { setup!(_client); } +#[cfg(feature = "ed255")] #[test] #[serial] fn sign_ed255() { @@ -255,6 +256,7 @@ fn sign_ed255() { assert_eq!(Err(Error::WrongSignatureLength), reply); } +#[cfg(feature = "p255")] #[test] #[serial] fn sign_p256() { @@ -294,6 +296,7 @@ fn sign_p256() { assert!(valid); } +#[cfg(feature = "p255")] #[test] #[serial] fn agree_p256() { @@ -376,6 +379,7 @@ fn agree_p256() { .signature; } +#[cfg(feature = "chacha8-poly1305")] #[test] #[serial] fn aead_rng_nonce() { @@ -412,6 +416,7 @@ fn aead_rng_nonce() { assert_eq!(&message[..], plaintext.unwrap().as_ref()); } +#[cfg(feature = "chacha8-poly1305")] #[test] #[serial] fn aead_given_nonce() { @@ -450,6 +455,7 @@ fn aead_given_nonce() { } // Same as before but key generated with a nonce +#[cfg(feature = "chacha8-poly1305")] #[test] #[serial] fn aead_given_nonce_2() { @@ -487,6 +493,7 @@ fn aead_given_nonce_2() { assert_eq!(&message[..], plaintext.unwrap().as_ref()); } +#[cfg(feature = "chacha8-poly1305")] #[test] #[serial] fn aead() {
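Review bot: `#[cfg(feature = "p255")]` on `sign_p256` (hunk `@@ -255,6 +256,7 @@`) and on `agree_p256` (hunk `@@ -294,6 +296,7 @@`) names a feature that does not match the `p256` feature used in src/mechanisms/p256.rs in this same patch. If Cargo.toml has no `p255` feature, both tests are compiled out in every configuration and P-256 signing and key agreement lose their test coverage without any visible failure. Use `#[cfg(feature = "p256")]` on both tests. The test bodies extend outside the hunks.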