Heapless 09

Cargo.toml

@@ -13,32 +13,56 @@ resolver = "2"
 version = "1.8.2"
 
 [workspace.dependencies]
-littlefs2 = "0.6"
+littlefs2 = "0.7"
 
 [patch.crates-io]
 # components
 memory-regions = { path = "components/memory-regions" }
 
 # unreleased libraries
 p256-cortex-m4  = { git = "https://github.com/ycrypto/p256-cortex-m4.git", rev = "cdb31e12594b4dc1f045b860a885fdc94d96aee2" }
-trussed = { git = "https://github.com/trussed-dev/trussed.git", rev = "e107ed315a07dc6c992fac39d542e847cc3a1b6c" }
-trussed-usbip = { git = "https://github.com/trussed-dev/pc-usbip-runner.git", rev = "504674453c9573a30aa2f155101df49eb2af1ba7" }
+trussed = { git = "https://github.com/trussed-dev/trussed.git", rev = "e6bb61a716a3575b3e5d9869a0e1bb1740fe9969" }
+trussed-core = { git = "https://github.com/trussed-dev/trussed.git", rev = "e6bb61a716a3575b3e5d9869a0e1bb1740fe9969" }
+trussed-manage = { git = "https://github.com/trussed-dev/trussed-staging.git", branch = "heapless-09" }
+
+trussed-usbip = { git = "https://github.com/trussed-dev/pc-usbip-runner.git", rev = "0ff1992f15c273c87e0607384e3dd94d341b721e" }
 
 # applications
-admin-app = { git = "https://github.com/Nitrokey/admin-app.git", tag = "v0.1.0-nitrokey.20" }
-fido-authenticator = { git = "https://github.com/Nitrokey/fido-authenticator.git",tag = "v0.1.1-nitrokey.27" }
-opcard = { git = "https://github.com/Nitrokey/opcard-rs", tag = "v1.6.1" }
-piv-authenticator = { git = "https://github.com/trussed-dev/piv-authenticator.git", tag = "v0.5.3" }
-secrets-app = { git = "https://github.com/Nitrokey/trussed-secrets-app", tag = "v0.14.0" }
+# admin-app = { git = "https://github.com/Nitrokey/admin-app.git", tag = "v0.1.0-nitrokey.20" }
+admin-app = { git = "https://github.com/Nitrokey/admin-app.git", rev = "7c0f00361a261256cfd2d639247030d02e92fec2" }
+fido-authenticator = { git = "https://github.com/Nitrokey/fido-authenticator.git",rev  = "71ac8fb0d54a1ac385cf0d0bd93dbb55bd16814b" }
+opcard = { git = "https://github.com/Nitrokey/opcard-rs", branch = "heapless-09" }
+piv-authenticator = { git = "https://github.com/trussed-dev/piv-authenticator.git", rev = "80d78d88f801160ecd27fc902b621fbf2c94bc9f" }
+secrets-app = { git = "https://github.com/Nitrokey/trussed-secrets-app", rev = "459745bd9734c2c75dc35769eb834b16175ca832" }
+encrypted_container = { git = "https://github.com/Nitrokey/trussed-secrets-app", rev = "459745bd9734c2c75dc35769eb834b16175ca832" }
 
 # backends
-trussed-auth-backend = { git = "https://github.com/trussed-dev/trussed-auth", tag = "v0.4.0" }
-trussed-rsa-alloc = { git = "https://github.com/trussed-dev/trussed-rsa-backend.git", tag = "v0.3.0" }
-trussed-se050-backend = { git = "https://github.com/Nitrokey/trussed-se050-backend.git", tag = "v0.5.0" }
-trussed-staging = { git = "https://github.com/trussed-dev/trussed-staging.git", tag = "v0.3.3" }
-littlefs2-sys = { git = "https://github.com/trussed-dev/littlefs2-sys.git", rev = "v0.3.1-nitrokey.1" }
-littlefs2 = { git = "https://github.com/trussed-dev/littlefs2.git", rev = "v0.6.1-nitrokey.1" }
-littlefs2-core = { git = "https://github.com/trussed-dev/littlefs2.git", rev = "v0.6.1-nitrokey.1" }
+trussed-auth = { git = "https://github.com/trussed-dev/trussed-auth.git", rev = "e602a26f5b4cbb96515509f8e4ca72c8a7406c98" }
+trussed-auth-backend = { git = "https://github.com/trussed-dev/trussed-auth", rev = "9e07990b78c21704e372df4fd1a6334bef9b1bfa" }
+trussed-rsa-alloc = { git = "https://github.com/trussed-dev/trussed-rsa-backend.git",branch = "heapless-09" }
+trussed-rsa-types = { git = "https://github.com/trussed-dev/trussed-rsa-backend.git", branch = "heapless-09" }
+trussed-se050-backend = { git = "https://github.com/Nitrokey/trussed-se050-backend.git", rev = "7db6d28df77b9706fd228ee8b384e1c2b1393f36" }
+trussed-staging = { git = "https://github.com/trussed-dev/trussed-staging.git", branch = "heapless-09" }
+trussed-chunked = { git = "https://github.com/trussed-dev/trussed-staging.git", branch = "heapless-09" }
+trussed-wrap-key-to-file = { git = "https://github.com/trussed-dev/trussed-staging.git", branch = "heapless-09" }
+littlefs2 = { git = "https://github.com/trussed-dev/littlefs2.git", branch = "update-heapless" }
+littlefs2-core = { git = "https://github.com/trussed-dev/littlefs2.git", branch = "update-heapless" }
+littlefs2-sys = { git = "https://github.com/trussed-dev/littlefs2-sys", rev = "v0.3.1-nitrokey.1" }
+se05x = { git = "https://github.com/Nitrokey/se05x.git", branch = "heapless-09" }
+
+
+cbor-smol = { git = "https://github.com/trussed-dev/cbor-smol.git", branch = "heapless-0.9" }
+cosey = { git = "https://github.com/trussed-dev/cosey.git", branch = "heapless-bytes-0.5" }
+ctap-types = { git = "https://github.com/trussed-dev/ctap-types", rev = "7509af268b869bd76ab00ddd62a2340764f4551c"}
+salty = { git = "https://github.com/ycrypto/salty.git", branch = "heapless-updated" }
+flexiber = { git = "https://github.com/trussed-dev/flexiber.git", branch = "heapless-090" }
+ctaphid-app = { git = "https://github.com/trussed-dev/ctaphid-dispatch.git", rev = "4a10f787eed868a4d3b6953e7e65cdb764f34001" }
+ctaphid-dispatch = { git = "https://github.com/trussed-dev/ctaphid-dispatch.git", rev = "4a10f787eed868a4d3b6953e7e65cdb764f34001" }
+apdu-app = { git = "https://github.com/trussed-dev/apdu-dispatch.git", rev = "fe95252d6dee898e7f2e4fa24736eb3d80aa649b" }
+apdu-dispatch = { git = "https://github.com/trussed-dev/apdu-dispatch.git", rev = "fe95252d6dee898e7f2e4fa24736eb3d80aa649b" }
+usbd-ctaphid = { git = "https://github.com/trussed-dev/usbd-ctaphid.git", branch = "heapless-09" }
+usbd-ccid = { git = "https://github.com/trussed-dev/usbd-ccid.git", branch = "heapless-09" }
+
 
 [profile.release]
 codegen-units = 1

components/apps/Cargo.toml

@@ -9,12 +9,12 @@ apdu-app = "0.1"
 bitflags = "2"
 ctaphid-app = "0.1"
 embedded-hal = "0.2.7"
-heapless = "0.7"
-heapless-bytes = "0.3"
+heapless = "0.9"
+heapless-bytes = "0.5"
 interchange = "0.3"
-se05x = { version = "0.2.0", optional = true}
+se05x = { version = "0.3.0", optional = true}
 serde = { version = "1.0.180", default-features = false }
-trussed = { version = "0.1", default-features = false, features = ["crypto-client", "filesystem-client", "management-client", "serde-extensions", "ui-client"] }
+trussed = { version = "0.1", default-features = false, features = ["serde-extensions", "filesystem-client", "ui-client", "all-clients", "shared-secret", "crypto-client"] }
 trussed-core = "0.1.0-rc.1"
 trussed-usbip = { version = "0.0.1", default-features = false, features = ["ctaphid"], optional = true }
 usbd-ctaphid = { version = "0.3", optional = true }
@@ -63,9 +63,9 @@ nkpk-provisioner = ["nkpk", "provisioner-app"]
 
 # apps
 secrets-app = ["dep:secrets-app", "backend-auth", "trussed/chacha8-poly1305", "trussed/hmac-sha1", "trussed/hmac-sha256", "trussed/sha256"]
-fido-authenticator = ["dep:fido-authenticator", "usbd-ctaphid", "trussed/aes256-cbc", "trussed/certificate-client", "trussed/chacha8-poly1305", "trussed/ed255", "trussed/hmac-sha256", "trussed/p256", "trussed/sha256"]
-opcard = ["dep:opcard", "backend-rsa", "backend-auth", "trussed/aes256-cbc", "trussed/chacha8-poly1305", "trussed/ed255", "trussed/p256", "trussed/shared-secret", "trussed/x255"]
-piv-authenticator = ["dep:piv-authenticator", "backend-rsa", "backend-auth", "trussed/aes256-cbc", "trussed/chacha8-poly1305", "trussed/ed255", "trussed/p256", "trussed/shared-secret", "trussed/tdes", "trussed/x255"]
+fido-authenticator = ["dep:fido-authenticator", "usbd-ctaphid", "trussed/aes256-cbc", "trussed/chacha8-poly1305", "trussed/ed255", "trussed/hmac-sha256", "trussed/p256", "trussed/sha256"]
+opcard = ["dep:opcard", "backend-rsa", "backend-auth", "trussed/aes256-cbc", "trussed/chacha8-poly1305", "trussed/ed255", "trussed/p256", "trussed/x255"]
+piv-authenticator = ["dep:piv-authenticator", "backend-rsa", "backend-auth", "trussed/aes256-cbc", "trussed/chacha8-poly1305", "trussed/ed255", "trussed/p256", "trussed/tdes", "trussed/x255"]
 se050 = ["dep:se05x", "trussed-se050-backend", "trussed-se050-manage", "admin-app/se050"]
 
 # backends
@@ -81,6 +81,7 @@ log-debug = []
 log-trace = []
 log-none = []
 
+trussed-usbip = ["dep:trussed-usbip", "backend-rsa", "trussed-rsa-alloc/raw"]
 trussed-usbip-ccid = ["trussed-usbip/ccid", "backend-software-hpke"]
 
 factory-reset = ["admin-app/factory-reset"]

components/apps/src/lib.rs

@@ -695,11 +695,11 @@ impl<R: Runner> Apps<R> {
         (app, data.init_status)
     }
 
-    pub fn apdu_dispatch<F, T, const N: usize>(&mut self, f: F) -> T
+    pub fn apdu_dispatch<F, T>(&mut self, f: F) -> T
     where
-        F: FnOnce(&mut [&mut dyn ApduApp<N>]) -> T,
+        F: FnOnce(&mut [&mut dyn ApduApp]) -> T,
     {
-        let mut apps: Vec<&mut dyn ApduApp<N>, 7> = Default::default();
+        let mut apps: Vec<&mut dyn ApduApp, 7> = Default::default();
 
         // App 1: ndef
         #[cfg(feature = "ndef-app")]
@@ -739,11 +739,11 @@ impl<R: Runner> Apps<R> {
         f(&mut apps)
     }
 
-    pub fn ctaphid_dispatch<F, T, const N: usize>(&mut self, f: F) -> T
+    pub fn ctaphid_dispatch<F, T>(&mut self, f: F) -> T
     where
-        F: FnOnce(&mut [&mut dyn CtaphidApp<'static, N>]) -> T,
+        F: FnOnce(&mut [&mut dyn CtaphidApp<'static>]) -> T,
     {
-        let mut apps: Vec<&mut dyn CtaphidApp<'static, N>, 4> = Default::default();
+        let mut apps: Vec<&mut dyn CtaphidApp<'static>, 4> = Default::default();
 
         #[cfg(feature = "fido-authenticator")]
         if let Some(fido) = self.fido.as_mut() {
@@ -786,18 +786,15 @@ where
         apps
     }
 
-    fn with_ctaphid_apps<T, const N: usize>(
+    fn with_ctaphid_apps<T>(
         &mut self,
-        f: impl FnOnce(&mut [&mut dyn CtaphidApp<'static, N>]) -> T,
+        f: impl FnOnce(&mut [&mut dyn CtaphidApp<'static>]) -> T,
     ) -> T {
         self.ctaphid_dispatch(f)
     }
 
     #[cfg(feature = "trussed-usbip-ccid")]
-    fn with_ccid_apps<T, const N: usize>(
-        &mut self,
-        f: impl FnOnce(&mut [&mut dyn apdu_app::App<N>]) -> T,
-    ) -> T {
+    fn with_ccid_apps<T>(&mut self, f: impl FnOnce(&mut [&mut dyn apdu_app::App]) -> T) -> T {
         self.apdu_dispatch(f)
     }
 }

components/boards/Cargo.toml

@@ -50,7 +50,7 @@ cortex-m-semihosting = { version = "0.3.5", optional = true }
 rtt-target = { version = "0.3", features = ["cortex-m"], optional = true }
 
 # se050
-se05x = { version = "0.2.0", optional = true }
+se05x = { version = "0.3.0", optional = true }
 
 trussed-manage = "0.2.0"
 

components/boards/src/init.rs

@@ -43,6 +43,12 @@ pub struct Resources<B: Board> {
     pub usb: UsbResources<B>,
 }
 
+impl<B: Board> Default for Resources<B> {
+    fn default() -> Self {
+        Self::new()
+    }
+}
+
 impl<B: Board> Resources<B> {
     pub const fn new() -> Self {
         Self {
@@ -57,6 +63,12 @@ pub struct UsbResources<B: Board> {
     usb_bus: Option<UsbBusAllocator<<B::Soc as Soc>::UsbBus>>,
 }
 
+impl<B: Board> Default for UsbResources<B> {
+    fn default() -> Self {
+        Self::new()
+    }
+}
+
 impl<B: Board> UsbResources<B> {
     pub const fn new() -> Self {
         Self { usb_bus: None }
@@ -296,7 +308,7 @@ pub fn init_trussed<B: Board, R: CryptoRng + RngCore>(
     let dispatch = if let Some(hw_key) = hw_key {
         Dispatch::with_hw_key(
             AUTH_LOCATION,
-            trussed::types::Bytes::from_slice(hw_key).unwrap(),
+            trussed::types::Bytes::try_from(hw_key).unwrap(),
             #[cfg(feature = "se050")]
             se050,
         )

components/boards/src/nk3am/migrations/ftl_journal/backends.rs

@@ -30,7 +30,7 @@ impl BackupBackend for EFSBackupBackend<'_> {
     fn write(&mut self, content: &[u8]) -> Result<usize> {
         let len =
             content.len() + ((Self::RW_SIZE - (content.len() % Self::RW_SIZE)) % Self::RW_SIZE);
-        let mut data: Bytes<MAX_DUMP_BLOB_LENGTH> = Bytes::from_slice(content).unwrap();
+        let mut data: Bytes<MAX_DUMP_BLOB_LENGTH> = Bytes::try_from(content).unwrap();
 
         data.resize(len, 0x00)
             .map_err(|_| FSBackupError::BackendWriteErr)?;
@@ -49,7 +49,7 @@ impl BackupBackend for EFSBackupBackend<'_> {
 
     fn read<const N: usize>(&mut self, len: usize) -> Result<Bytes<N>> {
         let mut output = Bytes::<N>::default();
-        output.resize_default(len).expect("assuming: N > len");
+        output.resize_zero(len).expect("assuming: N > len");
 
         self.extflash
             .read(self.offset, &mut output)

components/boards/src/store.rs

@@ -34,6 +34,12 @@ pub struct StoreResources<B: Board> {
     volatile: StorageResources<VolatileStorage>,
 }
 
+impl<B: Board> Default for StoreResources<B> {
+    fn default() -> Self {
+        Self::new()
+    }
+}
+
 impl<B: Board> StoreResources<B> {
     pub const fn new() -> Self {
         Self {
@@ -50,6 +56,12 @@ pub struct StorageResources<S: Storage + 'static> {
     storage: MaybeUninit<S>,
 }
 
+impl<S: Storage + 'static> Default for StorageResources<S> {
+    fn default() -> Self {
+        Self::new()
+    }
+}
+
 impl<S: Storage + 'static> StorageResources<S> {
     pub const fn new() -> Self {
         Self {

components/lfs-backup/Cargo.toml

@@ -8,14 +8,14 @@ edition = "2021"
 littlefs2.workspace = true
 generic-array = "0.14.6"
 
-heapless-bytes = "0.3.0"
-heapless = "0.7.16"
+heapless-bytes = "0.5.0"
+heapless = "0.9.1"
 
 serde = { version = "1.0", default-features = false }
 postcard = "1.0"
 
 trussed = { version = "0.1", default-features = false }
-trussed-core = "0.1.0-rc.1"
+trussed-core = "0.1.0"
 
 [dev-dependencies]
 rand = "0.8.5"

components/lfs-backup/src/lfs_backup.rs

@@ -47,6 +47,16 @@ impl From<littlefs2::io::Error> for FSBackupError {
     }
 }
 
+pub(crate) fn postcard_serialize_bytes<T: serde::Serialize, const N: usize>(
+    object: &T,
+) -> postcard::Result<Vec<u8, N>> {
+    let mut vec = Vec::new();
+    vec.resize(N, 0u8).unwrap();
+    let serialized = postcard::to_slice(object, &mut vec)?.len();
+    vec.resize(serialized, 0).unwrap();
+    Ok(vec)
+}
+
 pub type Result<T, E = FSBackupError> = core::result::Result<T, E>;
 
 #[derive(Clone, Debug)]
@@ -95,7 +105,7 @@ pub trait BackupBackend {
         attr: Option<UserAttribute>,
     ) -> Result<usize> {
         let path_bytes =
-            Bytes::<PATH_MAX>::from_slice(entry.path().as_str_ref_with_trailing_nul().as_bytes())
+            Bytes::<PATH_MAX>::try_from(entry.path().as_str_ref_with_trailing_nul().as_bytes())
                 .map_err(|_| FSBackupError::PathAssemblyErr)?;
 
         let blob = FSEntryBlob {
@@ -106,7 +116,7 @@ pub trait BackupBackend {
         };
         // assemble to-be-written blob => <data-len: big-endian u32><data>
         let raw_blob: Vec<u8, MAX_DUMP_BLOB_LENGTH> =
-            postcard::to_vec(&blob).map_err(|_| FSBackupError::SerializeErr)?;
+            postcard_serialize_bytes(&blob).map_err(|_| FSBackupError::SerializeErr)?;
         let raw_blob_len: u32 = raw_blob.len() as u32;
         let raw_blob_len_bin = raw_blob_len.to_be_bytes();
 
@@ -145,7 +155,7 @@ pub trait BackupBackend {
             buf
         // all data for entry already `read` no further `read` calls needed
         } else {
-            Bytes::from_slice(&chunk_one.as_slice()[4..])
+            Bytes::try_from(&chunk_one.as_slice()[4..])
                 .map_err(|_| FSBackupError::BackendReadErr)?
         };
 
@@ -234,7 +244,7 @@ pub trait BackupBackend {
                     .map_err(|_| FSBackupError::PathStackFullErr)?;
 
                 let file_contents = entry.file_type().is_file().then(|| {
-                    Message::from_slice(
+                    Message::try_from(
                         fs.read::<MAX_MESSAGE_LENGTH>(entry.path())
                             .unwrap()
                             .as_slice(),

components/ndef-app/Cargo.toml

@@ -7,7 +7,7 @@ edition = "2018"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-heapless = "0.7"
+heapless = "0.9"
 
 apdu-app = "0.1"
-iso7816 = "0.1"
+iso7816 = "0.2"

components/ndef-app/src/ndef.rs

@@ -1,4 +1,5 @@
-use apdu_app::{CommandView, Data, Interface};
+use apdu_app::{CommandView, Interface};
+use heapless::VecView;
 use iso7816::{Instruction, Status};
 
 pub struct App<'a> {
@@ -45,12 +46,12 @@ impl iso7816::App for App<'_> {
     }
 }
 
-impl<const R: usize> apdu_app::App<R> for App<'_> {
+impl apdu_app::App for App<'_> {
     fn select(
         &mut self,
         _interface: Interface,
         _apdu: CommandView<'_>,
-        _reply: &mut Data<R>,
+        _reply: &mut VecView<u8>,
     ) -> apdu_app::Result {
         Ok(())
     }
@@ -61,7 +62,7 @@ impl<const R: usize> apdu_app::App<R> for App<'_> {
         &mut self,
         _type: Interface,
         apdu: CommandView<'_>,
-        reply: &mut Data<R>,
+        reply: &mut VecView<u8>,
     ) -> apdu_app::Result {
         let instruction = apdu.instruction();
         let p1 = apdu.p1;

components/nfc-device/Cargo.toml

@@ -7,11 +7,11 @@ edition = "2018"
 [dependencies]
 delog = "0.1.0"
 embedded-time = "0.12"
-heapless = "0.7"
+heapless = "0.9"
 nb = "1"
 
 apdu-dispatch = "0.3"
-iso7816 = "0.1"
+iso7816 = "0.2"
 interchange = "0.3.0"
 
 [features]

components/provisioner-app/Cargo.toml

@@ -10,9 +10,9 @@ edition = "2018"
 apdu-app = "0.1"
 ctaphid-app = "0.1.0-rc.1"
 delog = "0.1"
-heapless = "0.7"
-heapless-bytes = "0.3"
-iso7816 = "0.1"
+heapless = "0.9"
+heapless-bytes = "0.5"
+iso7816 = "0.2"
 littlefs2-core = "0.1"
 salty = { version = "0.3", features = ["cose"] }
 trussed = { version = "0.1", default-features = false, features = ["crypto-client"] }