Use extension crates instead of backends

This patch replaces the dependencies on trussed-staging and trussed-se050-backend with extension crates extracted from these crates. See the these PRs for more information: - trussed-dev/trussed-staging#19 - Nitrokey/trussed-se050-backend#13
Nitrokey · Mar 22, 2024 · dbf5d2b · dbf5d2b
1 parent 758cdc8
commit dbf5d2b
Show file tree

Hide file tree

Showing 4 changed files with 104 additions and 48 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -17,9 +17,9 @@ version = "1.7.0-rc.1"
 memory-regions = { path = "components/memory-regions" }
 
 # forked
-admin-app = { git = "https://github.com/Nitrokey/admin-app.git", tag = "v0.1.0-nitrokey.10" }
+admin-app = { git = "https://github.com/Nitrokey/admin-app.git", tag = "v0.1.0-nitrokey.11" }
 cbor-smol = { git = "https://github.com/Nitrokey/cbor-smol.git", tag = "v0.4.0-nitrokey.1" }
-fido-authenticator = { git = "https://github.com/Nitrokey/fido-authenticator.git", tag = "v0.1.1-nitrokey.12" }
+fido-authenticator = { git = "https://github.com/Nitrokey/fido-authenticator.git", tag = "v0.1.1-nitrokey.13" }
 flexiber = { git = "https://github.com/Nitrokey/flexiber", tag = "0.1.1.nitrokey" }
 lpc55-hal = { git = "https://github.com/Nitrokey/lpc55-hal", tag = "v0.3.0-nitrokey.2" }
 serde-indexed = { git = "https://github.com/nitrokey/serde-indexed.git", tag = "v0.1.0-nitrokey.2" }
@@ -36,15 +36,19 @@ p256-cortex-m4  = { git = "https://github.com/ycrypto/p256-cortex-m4.git", rev =
 
 # unreleased crates
 secrets-app = { git = "https://github.com/Nitrokey/trussed-secrets-app", tag = "v0.13.0-rc2" }
-webcrypt = { git = "https://github.com/nitrokey/nitrokey-websmartcard-rust", rev = "b1502d72035ecde0f16f9fff5c8da06139b90d11" }
-opcard = { git = "https://github.com/Nitrokey/opcard-rs", rev = "1c844b74aa5bf245cd8223bc63b74b3a1f1f7b0f" }
-piv-authenticator = { git = "https://github.com/Nitrokey/piv-authenticator", tag = "v0.3.4" }
-trussed-staging = { git = "https://github.com/trussed-dev/trussed-staging.git", rev = "1240154c269cc3875552c46ddcbde2c9aeea5e51" }
+webcrypt = { git = "https://github.com/nitrokey/nitrokey-websmartcard-rust", tag = "v0.8.0-rc6" }
+opcard = { git = "https://github.com/Nitrokey/opcard-rs", tag = "v1.4.0" }
+piv-authenticator = { git = "https://github.com/trussed-dev/piv-authenticator.git", tag = "v0.4.0" }
+trussed-chunked = { git = "https://github.com/trussed-dev/trussed-staging.git", tag = "chunked-v0.1.0" }
+trussed-manage = { git = "https://github.com/trussed-dev/trussed-staging.git", tag = "manage-v0.1.0" }
+trussed-wrap-key-to-file = { git = "https://github.com/trussed-dev/trussed-staging.git", tag = "wrap-key-to-file-v0.1.0" }
+trussed-staging = { git = "https://github.com/trussed-dev/trussed-staging.git", tag = "v0.2.0" }
 trussed-auth = { git = "https://github.com/trussed-dev/trussed-auth", rev = "4b8191f248c26cb074cdac887c7f3f48f9c449a4" }
 trussed-hkdf = { git = "https://github.com/Nitrokey/trussed-hkdf-backend.git", tag = "v0.1.0" }
 trussed-rsa-alloc = { git = "https://github.com/trussed-dev/trussed-rsa-backend.git", rev = "9732a9a3e98af72112286afdc9b7174c66c2869a" }
 trussed-usbip = { git = "https://github.com/Nitrokey/pc-usbip-runner.git", tag = "v0.0.1-nitrokey.3" }
-trussed-se050-backend = { git = "https://github.com/Nitrokey/trussed-se050-backend.git", tag = "v0.2.0" }
+trussed-se050-backend = { git = "https://github.com/Nitrokey/trussed-se050-backend.git", tag = "v0.3.0" }
+trussed-se050-manage = { git = "https://github.com/Nitrokey/trussed-se050-backend.git", tag = "se050-manage-v0.1.0" }
 
 [profile.release]
 codegen-units = 1

diff --git a/components/apps/Cargo.toml b/components/apps/Cargo.toml
@@ -7,7 +7,9 @@ edition = "2021"
 apdu-dispatch = "0.1"
 bitflags = "2"
 ctaphid-dispatch = "0.1"
+embedded-hal = "0.2.7"
 heapless = "0.7"
+se05x = { version = "0.1.1", optional = true}
 serde = { version = "1.0.180", default-features = false }
 trussed = { version = "0.1", features = ["serde-extensions"]}
 trussed-usbip = { version = "0.0.1", default-features = false, features = ["ctaphid"], optional = true }
@@ -20,20 +22,24 @@ littlefs2 = "0.4"
 trussed-auth = { version = "0.2.2", optional = true }
 trussed-hkdf = { version = "0.1.0" }
 trussed-rsa-alloc = { version = "0.1.0", optional = true }
-trussed-staging = { version = "0.1.0", features = ["wrap-key-to-file", "chunked", "encrypted-chunked", "manage"] }
+trussed-se050-backend = { version = "0.3.0", optional = true }
+trussed-staging = { version = "0.2.0", features = ["wrap-key-to-file", "chunked", "manage"] }
+
+# Extensions
+trussed-chunked = "0.1.0"
+trussed-manage = "0.1.0"
+trussed-se050-manage = { version = "0.1.0", optional = true }
+trussed-wrap-key-to-file = "0.1.0"
 
 # apps
 admin-app = "0.1.0"
 fido-authenticator = { version = "0.1.1", features = ["chunked", "dispatch"], optional = true }
 ndef-app = { path = "../ndef-app", optional = true }
 webcrypt = { version = "0.8.0", optional = true }
 secrets-app = { version = "0.13.0", features = ["apdu-dispatch", "ctaphid"], optional = true }
-opcard = { version = "1.1.1", features = ["apdu-dispatch", "delog", "rsa2048-gen", "rsa4096", "admin-app"], optional = true }
-piv-authenticator = { version = "0.3.1", features = ["apdu-dispatch", "delog", "rsa"], optional = true }
+opcard = { version = "1.4.0", features = ["apdu-dispatch", "delog", "rsa2048-gen", "rsa4096", "admin-app"], optional = true }
+piv-authenticator = { version = "0.4.0", features = ["apdu-dispatch", "delog", "rsa"], optional = true }
 provisioner-app = { path = "../provisioner-app", optional = true }
-se05x = { version = "0.1.1", optional = true}
-trussed-se050-backend = { version = "0.2.0", optional = true }
-embedded-hal = "0.2.7"
 
 [dev-dependencies]
 cbor-smol = "0.4"
@@ -61,7 +67,7 @@ webcrypt = ["dep:webcrypt", "backend-auth", "backend-rsa"]
 fido-authenticator = ["dep:fido-authenticator", "usbd-ctaphid"]
 opcard = ["dep:opcard", "backend-rsa", "backend-auth"]
 piv-authenticator = ["dep:piv-authenticator", "backend-rsa", "backend-auth"]
-se050 = ["dep:se05x", "trussed-se050-backend", "admin-app/se050"]
+se050 = ["dep:se05x", "trussed-se050-backend", "trussed-se050-manage", "admin-app/se050"]
 
 # backends
 backend-auth = ["trussed-auth"]

diff --git a/components/apps/src/dispatch.rs b/components/apps/src/dispatch.rs
@@ -24,21 +24,21 @@ use embedded_hal::blocking::delay::DelayUs;
 #[cfg(feature = "se050")]
 use se05x::{se05x::Se05X, t1::I2CForT1};
 #[cfg(feature = "se050")]
-use trussed_se050_backend::{
-    manage::ManageExtension as Se050ManageExtension, Context as Se050Context, Se050Backend,
-};
+use trussed_se050_backend::{Context as Se050Context, Se050Backend};
+#[cfg(feature = "se050")]
+use trussed_se050_manage::Se050ManageExtension;
 
 #[cfg(feature = "backend-auth")]
 use trussed_auth::{AuthBackend, AuthContext, AuthExtension, MAX_HW_KEY_LEN};
 
 #[cfg(feature = "backend-rsa")]
 use trussed_rsa_alloc::SoftwareRsa;
 
+use trussed_chunked::ChunkedExtension;
 use trussed_hkdf::{HkdfBackend, HkdfExtension};
-use trussed_staging::{
-    manage::ManageExtension, streaming::ChunkedExtension, wrap_key_to_file::WrapKeyToFileExtension,
-    StagingBackend, StagingContext,
-};
+use trussed_manage::ManageExtension;
+use trussed_staging::{StagingBackend, StagingContext};
+use trussed_wrap_key_to_file::WrapKeyToFileExtension;
 
 #[cfg(feature = "webcrypt")]
 use webcrypt::hmacsha256p256::{
@@ -328,15 +328,15 @@ impl<T: Twi, D: Delay> ExtensionDispatch for Dispatch<T, D> {
                         resources,
                     )
                 }
-                Extension::Se050Manage => ExtensionImpl::<
-                    trussed_se050_backend::manage::ManageExtension,
-                >::extension_request_serialized(
-                    self.se050.as_mut().ok_or(TrussedError::GeneralError)?,
-                    &mut ctx.core,
-                    &mut ctx.backends.se050,
-                    request,
-                    resources,
-                ),
+                Extension::Se050Manage => {
+                    ExtensionImpl::<Se050ManageExtension>::extension_request_serialized(
+                        self.se050.as_mut().ok_or(TrussedError::GeneralError)?,
+                        &mut ctx.core,
+                        &mut ctx.backends.se050,
+                        request,
+                        resources,
+                    )
+                }
                 _ => Err(TrussedError::RequestNotAvailable),
             },
             _ => Err(TrussedError::RequestNotAvailable),