diff --git a/Cargo.toml b/Cargo.toml index 95ce04c9f18..ce788e7bf4a 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -19,10 +19,10 @@ cfg-if = "1.0" embedded-hal = { version = "0.2.3", features = ["unproven"] } flexiber = { git = "https://github.com/nickray/flexiber", branch = "main", features = ["derive", "heapless"] } generic-array = "0.14.4" -heapless = { version = "0.6", features = ["serde"] } +heapless = { version = "0.7", features = ["serde"] } hex-literal = "0.3.1" nb = "1" -postcard = "0.6.0" +postcard = "0.7.0" rand_core = "0.6" serde = { version = "1.0", default-features = false } zeroize = { version = "1.2", default-features = false, features = ["zeroize_derive"] } @@ -39,12 +39,12 @@ sha-1 = { version = "0.9", default-features = false, optional = true } sha2 = { version = "0.9", default-features = false } # ours -cosey = "0.2.0" +cosey = "0.3" delog = "0.1.0" -cbor-smol = "0.3.0" -heapless-bytes = { version = "0.2.0", features = ["cbor"] } +cbor-smol = "0.4" +heapless-bytes = { version = "0.3.0", features = ["cbor"] } interchange = "0.2.1" -littlefs2 = "0.2.2" +littlefs2 = "0.3.1" p256-cortex-m4 = { version = "0.1.0-alpha.5", features = ["prehash", "sec1-signatures"] } serde-indexed = "0.1.0" @@ -56,7 +56,7 @@ features = ["cose"] [dev-dependencies] # Testing serial_test = { version = "*" } -entropy = "0.3.0" +entropy = "0.4.0" # Somehow, this is causing a regression. # rand_core = { version = "0.5", features = ["getrandom"] } diff --git a/src/client.rs b/src/client.rs index e666ad885d3..500dfac4dde 100644 --- a/src/client.rs +++ b/src/client.rs @@ -258,7 +258,7 @@ pub trait CertificateClient: PollClient { fn write_certificate(&mut self, location: Location, der: &[u8]) -> ClientResult<'_, reply::WriteCertificate, Self> { - let der = Message::try_from_slice(der).map_err(|_| ClientError::DataTooLarge)?; + let der = Message::from_slice(der).map_err(|_| ClientError::DataTooLarge)?; let r = self.request(request::WriteCertificate { location, der })?; r.client.syscall(); Ok(r) @@ -306,10 +306,10 @@ pub trait CryptoClient: PollClient { ) -> ClientResult<'c, reply::Decrypt, Self> { - let message = Message::try_from_slice(message).map_err(|_| ClientError::DataTooLarge)?; - let associated_data = Message::try_from_slice(associated_data).map_err(|_| ClientError::DataTooLarge)?; - let nonce = ShortData::try_from_slice(nonce).map_err(|_| ClientError::DataTooLarge)?; - let tag = ShortData::try_from_slice(tag).map_err(|_| ClientError::DataTooLarge)?; + let message = Message::from_slice(message).map_err(|_| ClientError::DataTooLarge)?; + let associated_data = Message::from_slice(associated_data).map_err(|_| ClientError::DataTooLarge)?; + let nonce = ShortData::from_slice(nonce).map_err(|_| ClientError::DataTooLarge)?; + let tag = ShortData::from_slice(tag).map_err(|_| ClientError::DataTooLarge)?; let r = self.request(request::Decrypt { mechanism, key, message, associated_data, nonce, tag })?; r.client.syscall(); Ok(r) @@ -352,7 +352,7 @@ pub trait CryptoClient: PollClient { format: KeySerialization, attributes: StorageAttributes) -> ClientResult<'c, reply::DeserializeKey, Self> { - let serialized_key = Message::try_from_slice(serialized_key).map_err(|_| ClientError::DataTooLarge)?; + let serialized_key = Message::from_slice(serialized_key).map_err(|_| ClientError::DataTooLarge)?; let r = self.request(request::DeserializeKey { mechanism, serialized_key, format, attributes } )?; @@ -364,8 +364,8 @@ pub trait CryptoClient: PollClient { message: &[u8], associated_data: &[u8], nonce: Option) -> ClientResult<'c, reply::Encrypt, Self> { - let message = Message::try_from_slice(message).map_err(|_| ClientError::DataTooLarge)?; - let associated_data = ShortData::try_from_slice(associated_data).map_err(|_| ClientError::DataTooLarge)?; + let message = Message::from_slice(message).map_err(|_| ClientError::DataTooLarge)?; + let associated_data = ShortData::from_slice(associated_data).map_err(|_| ClientError::DataTooLarge)?; let r = self.request(request::Encrypt { mechanism, key, message, associated_data, nonce })?; r.client.syscall(); Ok(r) @@ -444,7 +444,7 @@ pub trait CryptoClient: PollClient { let r = self.request(request::Sign { key, mechanism, - message: Bytes::try_from_slice(data).map_err(|_| ClientError::DataTooLarge)?, + message: Bytes::from_slice(data).map_err(|_| ClientError::DataTooLarge)?, format, })?; r.client.syscall(); @@ -464,8 +464,8 @@ pub trait CryptoClient: PollClient { let r = self.request(request::Verify { mechanism, key, - message: Message::try_from_slice(&message).expect("all good"), - signature: Signature::try_from_slice(&signature).expect("all good"), + message: Message::from_slice(&message).expect("all good"), + signature: Signature::from_slice(&signature).expect("all good"), format, })?; r.client.syscall(); @@ -484,7 +484,7 @@ pub trait CryptoClient: PollClient { { let r = self.request(request::UnsafeInjectKey { mechanism, - raw_key: ShortData::try_from_slice(raw_key).unwrap(), + raw_key: ShortData::from_slice(raw_key).unwrap(), attributes: StorageAttributes::new().set_persistence(persistence), })?; r.client.syscall(); @@ -495,7 +495,7 @@ pub trait CryptoClient: PollClient { -> ClientResult<'_, reply::UnsafeInjectSharedKey, Self> { let r = self.request(request::UnsafeInjectSharedKey { - raw_key: ShortData::try_from_slice(raw_key).unwrap(), + raw_key: ShortData::from_slice(raw_key).unwrap(), location, })?; r.client.syscall(); @@ -506,7 +506,7 @@ pub trait CryptoClient: PollClient { associated_data: &[u8], attributes: StorageAttributes) -> ClientResult<'c, reply::UnwrapKey, Self> { - let associated_data = Message::try_from_slice(associated_data).map_err(|_| ClientError::DataTooLarge)?; + let associated_data = Message::from_slice(associated_data).map_err(|_| ClientError::DataTooLarge)?; let r = self.request(request::UnwrapKey { mechanism, wrapping_key, @@ -522,7 +522,7 @@ pub trait CryptoClient: PollClient { associated_data: &[u8]) -> ClientResult<'_, reply::WrapKey, Self> { - let associated_data = Message::try_from_slice(associated_data).map_err(|_| ClientError::DataTooLarge)?; + let associated_data = Message::from_slice(associated_data).map_err(|_| ClientError::DataTooLarge)?; let r = self.request(request::WrapKey { mechanism, wrapping_key, key, associated_data })?; r.client.syscall(); Ok(r) diff --git a/src/client/mechanisms.rs b/src/client/mechanisms.rs index 85e78754d31..3a5e8b2df2d 100644 --- a/src/client/mechanisms.rs +++ b/src/client/mechanisms.rs @@ -35,7 +35,7 @@ pub trait Chacha8Poly1305: CryptoClient { -> ClientResult<'c, reply::Encrypt, Self> { self.encrypt(Mechanism::Chacha8Poly1305, key, message, associated_data, - nonce.and_then(|nonce| ShortData::try_from_slice(nonce).ok())) + nonce.and_then(|nonce| ShortData::from_slice(nonce).ok())) } fn generate_chacha8poly1305_key(&mut self, persistence: Location) @@ -49,7 +49,7 @@ pub trait Chacha8Poly1305: CryptoClient { -> ClientResult<'c, reply::UnwrapKey, Self> { self.unwrap_key(Mechanism::Chacha8Poly1305, wrapping_key, - Message::try_from_slice(wrapped_key).map_err(|_| ClientError::DataTooLarge)?, + Message::from_slice(wrapped_key).map_err(|_| ClientError::DataTooLarge)?, associated_data, StorageAttributes::new().set_persistence(location)) } @@ -71,7 +71,7 @@ pub trait HmacBlake2s: CryptoClient { { self.derive_key( Mechanism::HmacBlake2s, base_key, - Some(MediumData::try_from_slice(message).map_err(|_| ClientError::DataTooLarge)?), + Some(MediumData::from_slice(message).map_err(|_| ClientError::DataTooLarge)?), StorageAttributes::new().set_persistence(persistence)) } @@ -92,7 +92,7 @@ pub trait HmacSha1: CryptoClient { { self.derive_key( Mechanism::HmacSha1, base_key, - Some(MediumData::try_from_slice(message).map_err(|_| ClientError::DataTooLarge)?), + Some(MediumData::from_slice(message).map_err(|_| ClientError::DataTooLarge)?), StorageAttributes::new().set_persistence(persistence)) } @@ -113,7 +113,7 @@ pub trait HmacSha256: CryptoClient { { self.derive_key( Mechanism::HmacSha256, base_key, - Some(MediumData::try_from_slice(message).map_err(|_| ClientError::DataTooLarge)?), + Some(MediumData::from_slice(message).map_err(|_| ClientError::DataTooLarge)?), StorageAttributes::new().set_persistence(persistence)) } @@ -134,7 +134,7 @@ pub trait HmacSha512: CryptoClient { { self.derive_key( Mechanism::HmacSha512, base_key, - Some(MediumData::try_from_slice(message).map_err(|_| ClientError::DataTooLarge)?), + Some(MediumData::from_slice(message).map_err(|_| ClientError::DataTooLarge)?), StorageAttributes::new().set_persistence(persistence)) } @@ -258,7 +258,7 @@ pub trait Sha256: CryptoClient { fn hash_sha256<'c>(&'c mut self, message: &[u8]) -> ClientResult<'c, reply::Hash, Self> { - self.hash(Mechanism::Sha256, Message::try_from_slice(message).map_err(|_| ClientError::DataTooLarge)?) + self.hash(Mechanism::Sha256, Message::from_slice(message).map_err(|_| ClientError::DataTooLarge)?) } } diff --git a/src/config.rs b/src/config.rs index b1b948f671f..06ae49c405a 100644 --- a/src/config.rs +++ b/src/config.rs @@ -1,24 +1,25 @@ #![allow(non_camel_case_types)] #![allow(clippy::upper_case_acronyms)] -use heapless::consts; +use littlefs2::consts; // TODO: this needs to be overridable. // Should we use the "config crate that can have a replacement patched in" idea? pub type MAX_APPLICATION_NAME_LENGTH = consts::U256; -pub type MAX_LONG_DATA_LENGTH = consts::U1024; -pub type MAX_MESSAGE_LENGTH = consts::U1024; +pub const MAX_LONG_DATA_LENGTH: usize = 1024; +pub const MAX_MESSAGE_LENGTH: usize = 1024; pub type MAX_OBJECT_HANDLES = consts::U16; pub type MAX_LABEL_LENGTH = consts::U256; -pub type MAX_MEDIUM_DATA_LENGTH = consts::U256; +pub const MAX_MEDIUM_DATA_LENGTH: usize = 256; pub type MAX_PATH_LENGTH = consts::U256; -pub type MAX_KEY_MATERIAL_LENGTH = consts::U128; -pub type MAX_SERIALIZED_KEY_LENGTH = >::Output; +pub const MAX_KEY_MATERIAL_LENGTH: usize = 128; +// must be above + 4 +pub const MAX_SERIALIZED_KEY_LENGTH: usize = 132; pub type MAX_SERVICE_CLIENTS = consts::U5; -pub type MAX_SHORT_DATA_LENGTH = consts::U128; -pub type MAX_SIGNATURE_LENGTH = consts::U72; -pub type MAX_USER_ATTRIBUTE_LENGTH = consts::U256; +pub const MAX_SHORT_DATA_LENGTH: usize = 128; +pub const MAX_SIGNATURE_LENGTH: usize = 72; +pub const MAX_USER_ATTRIBUTE_LENGTH: usize = 256; pub const USER_ATTRIBUTE_NUMBER: u8 = 37; diff --git a/src/key.rs b/src/key.rs index 09c2de48ad3..ce74889773d 100644 --- a/src/key.rs +++ b/src/key.rs @@ -1,3 +1,4 @@ +use heapless::Vec; use serde::{Deserialize, Serialize}; use serde_indexed::{DeserializeIndexed, SerializeIndexed}; use zeroize::Zeroize; @@ -8,8 +9,8 @@ use crate::{ config::{MAX_KEY_MATERIAL_LENGTH, MAX_SERIALIZED_KEY_LENGTH}, }; -pub type Material = Bytes; -pub type SerializedKeyBytes = Bytes; +pub type Material = Vec; +pub type SerializedKeyBytes = Vec; // We don't implement serde to make sure nobody inadvertently still uses it // Should we use references here only? @@ -112,7 +113,7 @@ impl Key { Ok(Key { flags, kind, - material: Material::try_from_slice(material).map_err(|_| Error::InvalidSerializedKey)?, + material: Material::from_slice(material).map_err(|_| Error::InvalidSerializedKey)?, }) } } diff --git a/src/lib.rs b/src/lib.rs index a07322a0627..4a2e0bb94d7 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -38,10 +38,10 @@ pub use platform::Platform; pub use service::Service; pub use cbor_smol::{cbor_serialize, cbor_serialize_bytes, cbor_deserialize}; -pub use heapless_bytes::{ArrayLength, Bytes, consts}; +pub use heapless_bytes::Bytes; pub use postcard::{from_bytes as postcard_deserialize, to_slice as postcard_serialize}; -pub fn postcard_serialize_bytes, T: serde::Serialize>( +pub fn postcard_serialize_bytes( object: &T, ) -> postcard::Result> { let vec = postcard::to_vec(object)?; diff --git a/src/mechanisms/aes256cbc.rs b/src/mechanisms/aes256cbc.rs index 050de32193c..5e0759db57c 100644 --- a/src/mechanisms/aes256cbc.rs +++ b/src/mechanisms/aes256cbc.rs @@ -28,7 +28,7 @@ impl Encrypt for super::Aes256Cbc let symmetric_key: [u8; 32] = keystore .load_key(key::Secrecy::Secret, None, &key_id)? - .material.as_ref().try_into() + .material.as_slice().try_into() .map_err(|_| Error::InternalError)?; let zero_iv = [0u8; 16]; @@ -47,7 +47,7 @@ impl Encrypt for super::Aes256Cbc // The padding space should be big enough for padding, otherwise method will return Err(BlockModeError). let ciphertext = cipher.encrypt(&mut buffer, l).unwrap(); - let ciphertext = Message::try_from_slice(&ciphertext).unwrap(); + let ciphertext = Message::from_slice(&ciphertext).unwrap(); Ok(reply::Encrypt { ciphertext, nonce: ShortData::new(), tag: ShortData::new() }) } } @@ -64,9 +64,9 @@ impl WrapKey for super::Aes256Cbc // let message: Message = serialized_key.material.try_to_byte_buf().map_err(|_| Error::InternalError)?; - let message: Message = crate::Bytes::try_from_slice(keystore + let message = Message::from_slice(keystore .load_key(key::Secrecy::Secret, None, &request.key)? - .material.as_ref()).map_err(|_| Error::InternalError)?; + .material.as_slice()).map_err(|_| Error::InternalError)?; let encryption_request = request::Encrypt { mechanism: Mechanism::Aes256Cbc, @@ -100,7 +100,7 @@ impl Decrypt for super::Aes256Cbc let key_id = request.key; let symmetric_key: [u8; 32] = keystore .load_key(key::Secrecy::Secret, None, &key_id)? - .material.as_ref() + .material.as_slice() .try_into() .map_err(|_| Error::InternalError)?; @@ -121,7 +121,7 @@ impl Decrypt for super::Aes256Cbc // hprintln!("symmetric key: {:?}", &symmetric_key).ok(); let plaintext = cipher.decrypt(&mut buffer).unwrap(); // hprintln!("decrypted: {:?}", &plaintext).ok(); - let plaintext = Message::try_from_slice(&plaintext).unwrap(); + let plaintext = Message::from_slice(&plaintext).unwrap(); Ok(reply::Decrypt { plaintext: Some(plaintext) }) } diff --git a/src/mechanisms/chacha8poly1305.rs b/src/mechanisms/chacha8poly1305.rs index 612d039498e..6b229bd5563 100644 --- a/src/mechanisms/chacha8poly1305.rs +++ b/src/mechanisms/chacha8poly1305.rs @@ -66,7 +66,7 @@ impl Decrypt for super::Chacha8Poly1305 let serialized_material = keystore .load_key(key::Secrecy::Secret, Some(key::Kind::Symmetric32Nonce(12)), &request.key)? .material; - let serialized = serialized_material.as_ref(); + let serialized = serialized_material.as_slice(); // if serialized.len() != 44 { // return Error::InternalError; @@ -114,7 +114,7 @@ impl Encrypt for super::Chacha8Poly1305 let mut serialized_material = keystore .load_key(secrecy, Some(key_kind), key_id)? .material; - let serialized = serialized_material.as_mut(); + let serialized: &mut [u8] = serialized_material.as_mut(); assert!(serialized.len() == 44); @@ -154,10 +154,10 @@ impl Encrypt for super::Chacha8Poly1305 &mut ciphertext, ).unwrap().as_slice().try_into().unwrap(); - let nonce = ShortData::try_from_slice(nonce).unwrap(); - let tag = ShortData::try_from_slice(&tag).unwrap(); + let nonce = ShortData::from_slice(nonce).unwrap(); + let tag = ShortData::from_slice(&tag).unwrap(); - // let ciphertext = Message::try_from_slice(&ciphertext).unwrap(); + // let ciphertext = Message::from_slice(&ciphertext).unwrap(); Ok(reply::Encrypt { ciphertext, nonce, tag }) } } @@ -175,7 +175,7 @@ impl WrapKey for super::Chacha8Poly1305 let serialized_key = keystore .load_key(key::Secrecy::Secret, None, &request.key)?; - let message = serialized_key.serialize().try_convert_into().unwrap(); + let message = Message::from_slice(&serialized_key.serialize()).unwrap(); let encryption_request = request::Encrypt { mechanism: Mechanism::Chacha8Poly1305, @@ -301,7 +301,7 @@ impl UnwrapKey for super::Chacha8Poly1305 // // Returns an error if buffer length is not multiple of block size and // // if after decoding message has malformed padding. // let plaintext = cipher.decrypt(&mut buffer).unwrap(); -// let plaintext = Message::try_from_slice(&plaintext).unwrap(); +// let plaintext = Message::from_slice(&plaintext).unwrap(); // Ok(reply::Decrypt { plaintext: Ok(plaintext) }) // } @@ -350,7 +350,7 @@ impl UnwrapKey for super::Chacha8Poly1305 // // // The padding space should be big enough for padding, otherwise method will return Err(BlockModeError). // // let ciphertext = cipher.encrypt(&mut buffer, l).unwrap(); -// // let ciphertext = Message::try_from_slice(&ciphertext).unwrap(); +// // let ciphertext = Message::from_slice(&ciphertext).unwrap(); // Ok(reply::Encrypt { ciphertext }) // } // } diff --git a/src/mechanisms/ed255.rs b/src/mechanisms/ed255.rs index a163a05aaa7..a188dc5b49f 100644 --- a/src/mechanisms/ed255.rs +++ b/src/mechanisms/ed255.rs @@ -13,7 +13,7 @@ fn load_public_key(keystore: &mut impl Keystore, key_id: &KeyId) let public_bytes: [u8; 32] = keystore .load_key(key::Secrecy::Public, Some(key::Kind::Ed255), &key_id)? - .material.as_ref() + .material.as_slice() .try_into() .map_err(|_| Error::InternalError)?; @@ -28,7 +28,7 @@ fn load_keypair(keystore: &mut impl Keystore, key_id: &KeyId) let seed: [u8; 32] = keystore .load_key(key::Secrecy::Secret, Some(key::Kind::Ed255), &key_id)? - .material.as_ref() + .material.as_slice() .try_into() .map_err(|_| Error::InternalError)?; @@ -131,9 +131,9 @@ impl SerializeKey for super::Ed255 let serialized_key = match request.format { KeySerialization::Cose => { let cose_pk = cosey::Ed25519PublicKey { - // x: Bytes::try_from_slice(public_key.x_coordinate()).unwrap(), - // x: Bytes::try_from_slice(&buf).unwrap(), - x: Bytes::try_from_slice(public_key.as_bytes()).unwrap(), + // x: Bytes::from_slice(public_key.x_coordinate()).unwrap(), + // x: Bytes::from_slice(&buf).unwrap(), + x: Bytes::from_slice(public_key.as_bytes()).unwrap(), }; crate::cbor_serialize_bytes(&cose_pk).map_err(|_| Error::CborError)? } @@ -188,7 +188,7 @@ impl Sign for super::Ed255 let keypair = load_keypair(keystore, &key_id)?; let native_signature = keypair.sign(&request.message); - let our_signature = Signature::try_from_slice(&native_signature.to_bytes()).unwrap(); + let our_signature = Signature::from_slice(&native_signature.to_bytes()).unwrap(); // hprintln!("Ed255 signature:").ok(); // hprintln!("msg: {:?}", &request.message).ok(); diff --git a/src/mechanisms/hmacblake2s.rs b/src/mechanisms/hmacblake2s.rs index 84cd668c849..fa1015f43a4 100644 --- a/src/mechanisms/hmacblake2s.rs +++ b/src/mechanisms/hmacblake2s.rs @@ -54,7 +54,7 @@ impl Sign for super::HmacBlake2s mac.update(&request.message); let result = mac.finalize(); - let signature = Signature::try_from_slice(&result.into_bytes()).unwrap(); + let signature = Signature::from_slice(&result.into_bytes()).unwrap(); Ok(reply::Sign { signature }) diff --git a/src/mechanisms/hmacsha1.rs b/src/mechanisms/hmacsha1.rs index 69de53fa444..0fbe583e348 100644 --- a/src/mechanisms/hmacsha1.rs +++ b/src/mechanisms/hmacsha1.rs @@ -54,7 +54,7 @@ impl Sign for super::HmacSha1 mac.update(&request.message); let result = mac.finalize(); - let signature = Signature::try_from_slice(&result.into_bytes()).unwrap(); + let signature = Signature::from_slice(&result.into_bytes()).unwrap(); Ok(reply::Sign { signature }) diff --git a/src/mechanisms/hmacsha256.rs b/src/mechanisms/hmacsha256.rs index 44decd0cd66..76699852a60 100644 --- a/src/mechanisms/hmacsha256.rs +++ b/src/mechanisms/hmacsha256.rs @@ -54,7 +54,7 @@ impl Sign for super::HmacSha256 mac.update(&request.message); let result = mac.finalize(); - let signature = Signature::try_from_slice(&result.into_bytes()).unwrap(); + let signature = Signature::from_slice(&result.into_bytes()).unwrap(); Ok(reply::Sign { signature }) diff --git a/src/mechanisms/hmacsha512.rs b/src/mechanisms/hmacsha512.rs index e9c2de25d2a..d415d4c54da 100644 --- a/src/mechanisms/hmacsha512.rs +++ b/src/mechanisms/hmacsha512.rs @@ -52,7 +52,7 @@ impl Sign for super::HmacSha512 mac.update(&request.message); let result = mac.finalize(); - let signature = Signature::try_from_slice(&result.into_bytes()).unwrap(); + let signature = Signature::from_slice(&result.into_bytes()).unwrap(); Ok(reply::Sign { signature }) diff --git a/src/mechanisms/p256.rs b/src/mechanisms/p256.rs index 377ae6b9327..c192db56fb6 100644 --- a/src/mechanisms/p256.rs +++ b/src/mechanisms/p256.rs @@ -14,7 +14,7 @@ fn load_secret_key(keystore: &mut impl Keystore, key_id: &KeyId) // info_now!("loading keypair"); let secret_scalar: [u8; 32] = keystore .load_key(key::Secrecy::Secret, Some(key::Kind::P256), &key_id)? - .material.as_ref() + .material.as_slice() .try_into() .map_err(|_| Error::InternalError)?; @@ -29,7 +29,7 @@ fn load_public_key(keystore: &mut impl Keystore, key_id: &KeyId) { let compressed_public_key: [u8; 33] = keystore .load_key(key::Secrecy::Public, Some(key::Kind::P256), &key_id)? - .material.as_ref() + .material.as_slice() .try_into() .map_err(|_| Error::InternalError)?; @@ -192,15 +192,15 @@ impl SerializeKey for super::P256 let serialized_key = match request.format { KeySerialization::EcdhEsHkdf256 => { let cose_pk = cosey::EcdhEsHkdf256PublicKey { - x: Bytes::try_from_slice(&public_key.x()).unwrap(), - y: Bytes::try_from_slice(&public_key.y()).unwrap(), + x: Bytes::from_slice(&public_key.x()).unwrap(), + y: Bytes::from_slice(&public_key.y()).unwrap(), }; crate::cbor_serialize_bytes(&cose_pk).map_err(|_| Error::CborError)? } KeySerialization::Cose => { let cose_pk = cosey::P256PublicKey { - x: Bytes::try_from_slice(&public_key.x()).unwrap(), - y: Bytes::try_from_slice(&public_key.y()).unwrap(), + x: Bytes::from_slice(&public_key.x()).unwrap(), + y: Bytes::from_slice(&public_key.y()).unwrap(), }; crate::cbor_serialize_bytes(&cose_pk).map_err(|_| Error::CborError)? } @@ -251,10 +251,10 @@ impl Sign for super::P256 SignatureSerialization::Asn1Der => { let mut buffer = [0u8; 72]; let l = signature.to_sec1_bytes(&mut buffer); - Signature::try_from_slice(&buffer[..l]).unwrap() + Signature::from_slice(&buffer[..l]).unwrap() } SignatureSerialization::Raw => { - Signature::try_from_slice(&signature.to_untagged_bytes()).unwrap() + Signature::from_slice(&signature.to_untagged_bytes()).unwrap() } }; @@ -281,10 +281,10 @@ impl Sign for super::P256Prehashed SignatureSerialization::Asn1Der => { let mut buffer = [0u8; 72]; let l = signature.to_sec1_bytes(&mut buffer); - Signature::try_from_slice(&buffer[..l]).unwrap() + Signature::from_slice(&buffer[..l]).unwrap() } SignatureSerialization::Raw => { - Signature::try_from_slice(&signature.to_untagged_bytes()).unwrap() + Signature::from_slice(&signature.to_untagged_bytes()).unwrap() } }; diff --git a/src/mechanisms/tdes.rs b/src/mechanisms/tdes.rs index 7beb33cc2e1..8998910cd9a 100644 --- a/src/mechanisms/tdes.rs +++ b/src/mechanisms/tdes.rs @@ -28,7 +28,7 @@ impl Encrypt for super::Tdes let symmetric_key: [u8; 24] = keystore .load_key(key::Secrecy::Secret, None, &key_id)? - .material.as_ref().try_into() + .material.as_slice().try_into() .map_err(|_| Error::InternalError)?; let cipher = des::TdesEde3::new(GenericArray::from_slice(&symmetric_key)); @@ -54,7 +54,7 @@ impl Decrypt for super::Tdes let symmetric_key: [u8; 24] = keystore .load_key(key::Secrecy::Secret, None, &key_id)? - .material.as_ref().try_into() + .material.as_slice().try_into() .map_err(|_| Error::InternalError)?; let cipher = des::TdesEde3::new(GenericArray::from_slice(&symmetric_key)); diff --git a/src/mechanisms/totp.rs b/src/mechanisms/totp.rs index 80874d09fa7..9def7cd54ef 100644 --- a/src/mechanisms/totp.rs +++ b/src/mechanisms/totp.rs @@ -64,7 +64,7 @@ impl Sign for super::Totp let totp_material: u64 = hotp_raw(&secret, timestamp, DIGITS); // return signature (encode as LE) - Ok(reply::Sign { signature: crate::Bytes::try_from_slice(totp_material.to_le_bytes().as_ref()).unwrap() }) + Ok(reply::Sign { signature: crate::Bytes::from_slice(totp_material.to_le_bytes().as_ref()).unwrap() }) } } diff --git a/src/mechanisms/x255.rs b/src/mechanisms/x255.rs index 010fb058dff..816308fa013 100644 --- a/src/mechanisms/x255.rs +++ b/src/mechanisms/x255.rs @@ -14,7 +14,7 @@ fn load_public_key(keystore: &mut impl Keystore, key_id: &KeyId) let public_bytes: [u8; 32] = keystore .load_key(key::Secrecy::Public, Some(key::Kind::X255), &key_id)? - .material.as_ref() + .material.as_slice() .try_into() .map_err(|_| Error::InternalError)?; @@ -28,7 +28,7 @@ fn load_secret_key(keystore: &mut impl Keystore, key_id: &KeyId) let seed: [u8; 32] = keystore .load_key(key::Secrecy::Secret, Some(key::Kind::X255), &key_id)? - .material.as_ref() + .material.as_slice() .try_into() .map_err(|_| Error::InternalError)?; diff --git a/src/service.rs b/src/service.rs index 1f33100efa8..9e8ce27fedf 100644 --- a/src/service.rs +++ b/src/service.rs @@ -2,6 +2,7 @@ pub use rand_core::{RngCore, SeedableRng}; use interchange::Responder; use littlefs2::path::PathBuf; use chacha20::ChaCha8Rng; +use heapless_bytes::Unsigned; use crate::api::*; use crate::Bytes; @@ -78,7 +79,7 @@ impl ServiceResources

{ } pub struct Service

where P: Platform { - eps: Vec, + eps: Vec, resources: ServiceResources

, } @@ -298,7 +299,7 @@ impl ServiceResources

{ recursively_list(fs, PathBuf::from(entry.path())); } if entry.file_type().is_file() { - let _contents: Vec = fs.read(entry.path()).unwrap(); + let _contents: Vec = fs.read(entry.path()).unwrap(); // info_now!("{} ?= {}", entry.metadata().len(), contents.len()).ok(); // info_now!("{:?}", &contents).ok(); } @@ -581,7 +582,7 @@ impl ServiceResources

{ [0u8; 32] } else { // Use the last saved state. - let mixin_bytes: Bytes = filestore.read(&path, Location::Internal)?; + let mixin_bytes: Bytes<32> = filestore.read(&path, Location::Internal)?; let mut mixin_seed = [0u8; 32]; mixin_seed.clone_from_slice(&mixin_bytes); mixin_seed diff --git a/src/service/attest.rs b/src/service/attest.rs index 70844e12bd3..d49430113f1 100644 --- a/src/service/attest.rs +++ b/src/service/attest.rs @@ -150,7 +150,7 @@ pub fn try_attest( SerializedSignature::Ed255(signature.as_ref().try_into().unwrap()) } SignatureAlgorithm::P256 => { - SerializedSignature::P256(heapless_bytes::Bytes::try_from_slice(&mechanisms::P256::sign( + SerializedSignature::P256(heapless_bytes::Bytes::from_slice(&mechanisms::P256::sign( attn_keystore, &request::Sign { mechanism: Mechanism::P256, @@ -219,7 +219,7 @@ pub struct Certificate<'l> { pub enum SerializedSignature { Ed255([u8; 64]), // This is the DER version with leading '04' - P256(heapless_bytes::Bytes), + P256(heapless_bytes::Bytes<72>), } impl AsRef<[u8]> for SerializedSignature { @@ -483,7 +483,7 @@ impl ParsedDatetime { } pub fn to_bytes(&self) -> [u8; 15] { - let mut buffer: heapless::Vec = Default::default(); + let mut buffer: heapless::Vec = Default::default(); buffer.resize_default(15).unwrap(); core::fmt::write(&mut buffer, format_args!( "{}{:02}{:02}{:02}{:02}{:02}Z", diff --git a/src/store.rs b/src/store.rs index fab6ae8fab8..417c41f2825 100644 --- a/src/store.rs +++ b/src/store.rs @@ -451,7 +451,7 @@ pub fn create_directories<'s, S: LfsStorage>( } /// Reads contents from path in location of store. -pub fn read>(store: impl Store, location: Location, path: &Path) -> Result, Error> { +pub fn read(store: impl Store, location: Location, path: &Path) -> Result, Error> { debug_now!("reading {}", &path); match location { Location::Internal => store.ifs().read(path), diff --git a/src/store/certstore.rs b/src/store/certstore.rs index 6094322c99a..a138f3e2e13 100644 --- a/src/store/certstore.rs +++ b/src/store/certstore.rs @@ -68,7 +68,7 @@ impl ClientCertstore { let mut path = PathBuf::new(); path.push(&self.client_id); path.push(&PathBuf::from("x5c")); - path.push(&PathBuf::from(id.hex().as_ref())); + path.push(&PathBuf::from(id.hex().as_slice())); path } diff --git a/src/store/counterstore.rs b/src/store/counterstore.rs index 5236ab1cd48..c66af2bb28f 100644 --- a/src/store/counterstore.rs +++ b/src/store/counterstore.rs @@ -30,13 +30,13 @@ impl ClientCounterstore { let mut path = PathBuf::new(); path.push(&self.client_id); path.push(&PathBuf::from("ctr")); - path.push(&PathBuf::from(id.hex().as_ref())); + path.push(&PathBuf::from(id.hex().as_slice())); path } fn read_counter(&mut self, location: Location, id: CounterId) -> Result { let path = self.counter_path(id); - let mut bytes: crate::Bytes = store::read(self.store, location, &path)?; + let mut bytes: crate::Bytes<16> = store::read(self.store, location, &path)?; bytes.resize_default(16).ok(); Ok(u128::from_le_bytes(bytes.as_slice().try_into().unwrap())) } diff --git a/src/store/filestore.rs b/src/store/filestore.rs index 014df7846f7..d39a5e48e77 100644 --- a/src/store/filestore.rs +++ b/src/store/filestore.rs @@ -1,5 +1,4 @@ use crate::{ - ArrayLength, Bytes, error::{Error, Result}, // service::ReadDirState, @@ -63,7 +62,7 @@ impl ClientFilestore { } pub trait Filestore { - fn read>(&mut self, path: &PathBuf, location: Location) -> Result>; + fn read(&mut self, path: &PathBuf, location: Location) -> Result>; fn write(&mut self, path: &PathBuf, location: Location, data: &[u8]) -> Result<()>; fn exists(&mut self, path: &PathBuf, location: Location) -> bool; fn remove_file(&mut self, path: &PathBuf, location: Location) -> Result<()>; @@ -106,7 +105,7 @@ pub trait Filestore { } impl Filestore for ClientFilestore { - fn read>(&mut self, path: &PathBuf, location: Location) -> Result> { + fn read(&mut self, path: &PathBuf, location: Location) -> Result> { let path = self.actual_path(path); store::read(self.store, location, &path) diff --git a/src/store/keystore.rs b/src/store/keystore.rs index 9e11b51f279..0b90dfa3f3e 100644 --- a/src/store/keystore.rs +++ b/src/store/keystore.rs @@ -1,5 +1,4 @@ use chacha20::ChaCha8Rng; -pub use heapless::consts; use littlefs2::path::PathBuf; use crate::{ @@ -66,7 +65,7 @@ impl ClientKeystore

{ pub fn key_path(&self, secrecy: key::Secrecy, id: &KeyId) -> PathBuf { let mut path = self.key_directory(secrecy); - path.push(&PathBuf::from(id.hex().as_ref())); + path.push(&PathBuf::from(id.hex().as_slice())); path } @@ -89,7 +88,7 @@ impl Keystore for ClientKeystore

{ let key = key::Key { flags: info.flags, kind: info.kind, - material: key::Material::try_from_slice(material).unwrap(), + material: key::Material::from_slice(material).unwrap(), }; let id = self.generate_key_id(); @@ -147,7 +146,7 @@ impl Keystore for ClientKeystore

{ let location = self.location(secrecy, id).ok_or(Error::NoSuchKey)?; - let bytes: Bytes = store::read(self.store, location, &path)?; + let bytes: Bytes<128> = store::read(self.store, location, &path)?; let key = key::Key::try_deserialize(&bytes)?; @@ -167,7 +166,7 @@ impl Keystore for ClientKeystore

{ let key = key::Key { flags: Default::default(), kind, - material: key::Material::try_from_slice(material).unwrap(), + material: key::Material::from_slice(material).unwrap(), }; let path = self.key_path(secrecy, id); diff --git a/src/tests.rs b/src/tests.rs index 3da8a2adb0c..ea7668abe2c 100644 --- a/src/tests.rs +++ b/src/tests.rs @@ -3,7 +3,7 @@ use chacha20::ChaCha20; use crate::*; use crate::types::*; -use littlefs2::fs::{Allocation, Filesystem}; +use littlefs2::{consts, fs::{Allocation, Filesystem}}; use littlefs2::const_ram_storage; use interchange::Interchange; use entropy::shannon_entropy; diff --git a/src/types.rs b/src/types.rs index 3e4a5f378ba..9159fb1441f 100644 --- a/src/types.rs +++ b/src/types.rs @@ -5,7 +5,6 @@ use core::ops::Deref; pub use generic_array::GenericArray; pub use heapless::{ - consts, String, Vec, }; @@ -72,7 +71,7 @@ impl Id { } /// skips leading zeros - pub fn hex(&self) -> Bytes { + pub fn hex(&self) -> Bytes<32> { const HEX_CHARS: &[u8] = b"0123456789abcdef"; let mut buffer = Bytes::new(); let array = self.0.to_be_bytes(); @@ -98,7 +97,7 @@ impl Id { // // (0..hex.len()) // // use hex::FromHex; // // let maybe_bytes = <[u8; 16]>::from_hex(hex).map_err(|e| ()); - // // maybe_bytes.map(|bytes| Self(Bytes::try_from_slice(&bytes).unwrap())) + // // maybe_bytes.map(|bytes| Self(Bytes::from_slice(&bytes).unwrap())) // if (hex.len() & 1) == 1 { // // panic!("hex len & 1 = {}", hex.len() & 1); // return Err(());