diff --git a/src/api.rs b/src/api.rs index 03e8bb3db1a..47cb0407926 100644 --- a/src/api.rs +++ b/src/api.rs @@ -5,7 +5,11 @@ //! [pkcs11-v3]: https://docs.oasis-open.org/pkcs11/pkcs11-base/v3.0/pkcs11-base-v3.0.html //! [pkcs11-headers]: https://docs.oasis-open.org/pkcs11/pkcs11-base/v3.0/cs01/include/pkcs11-v3.0/ -use crate::types::*; +use crate::types::{ + consent, reboot, Bytes, CertId, CounterId, DirEntry, KeyId, KeySerialization, Location, + Mechanism, MediumData, Message, PathBuf, SerializedKey, ShortData, Signature, + SignatureSerialization, StorageAttributes, UserAttribute, +}; use core::time::Duration; #[macro_use] diff --git a/src/client.rs b/src/client.rs index 65106eab2a8..40027e00fc9 100644 --- a/src/client.rs +++ b/src/client.rs @@ -77,13 +77,17 @@ //! use core::{marker::PhantomData, task::Poll}; -use crate::api::*; +use crate::api::{reply, request, NotBefore, Reply, ReplyVariant, RequestVariant}; use crate::backend::{BackendId, CoreOnly, Dispatch}; -use crate::error::*; +use crate::error::{Error, Result}; use crate::interrupt::InterruptFlag; use crate::pipe::{TrussedRequester, TRUSSED_INTERCHANGE}; use crate::service::Service; -use crate::types::*; +use crate::types::{ + consent, reboot, Bytes, CertId, CounterId, KeyId, KeySerialization, Location, Mechanism, + MediumData, Message, PathBuf, Platform, SerializedKey, ShortData, Signature, + SignatureSerialization, StorageAttributes, UserAttribute, +}; pub use crate::platform::Syscall; diff --git a/src/client/mechanisms.rs b/src/client/mechanisms.rs index 522841186d9..c24a3413523 100644 --- a/src/client/mechanisms.rs +++ b/src/client/mechanisms.rs @@ -1,4 +1,10 @@ -use super::*; +use super::{ClientError, ClientImplementation, ClientResult, CryptoClient}; +use crate::api::reply; +use crate::platform::Syscall; +use crate::types::{ + KeyId, KeySerialization, Location, Mechanism, MediumData, Message, ShortData, + SignatureSerialization, StorageAttributes, +}; #[cfg(feature = "aes256-cbc")] impl Aes256Cbc for ClientImplementation {} diff --git a/src/mechanisms/aes256cbc.rs b/src/mechanisms/aes256cbc.rs index 192cbda0be5..c70aba15591 100644 --- a/src/mechanisms/aes256cbc.rs +++ b/src/mechanisms/aes256cbc.rs @@ -1,8 +1,9 @@ -use crate::api::*; -// use crate::config::*; +use crate::api::{reply, request}; use crate::error::Error; -use crate::service::*; -use crate::types::*; +use crate::key; +use crate::service::{Decrypt, Encrypt, UnsafeInjectKey, WrapKey}; +use crate::store::keystore::Keystore; +use crate::types::{Mechanism, Message, ShortData}; const AES256_KEY_SIZE: usize = 32; diff --git a/src/mechanisms/chacha8poly1305.rs b/src/mechanisms/chacha8poly1305.rs index e2cb68cf9c4..c19460decf2 100644 --- a/src/mechanisms/chacha8poly1305.rs +++ b/src/mechanisms/chacha8poly1305.rs @@ -1,9 +1,12 @@ -use crate::api::*; -// use crate::config::*; +use generic_array::GenericArray; +use rand_core::RngCore; + +use crate::api::{reply, request}; use crate::error::Error; use crate::key; -use crate::service::*; -use crate::types::*; +use crate::service::{Decrypt, Encrypt, GenerateKey, UnwrapKey, WrapKey}; +use crate::store::keystore::Keystore; +use crate::types::{Mechanism, Message, ShortData}; // TODO: The non-detached versions seem better. // This needs a bit of additional type gymnastics. diff --git a/src/mechanisms/ed255.rs b/src/mechanisms/ed255.rs index 808477969c8..9e8ce5084ce 100644 --- a/src/mechanisms/ed255.rs +++ b/src/mechanisms/ed255.rs @@ -1,11 +1,15 @@ -use core::convert::{TryFrom, TryInto}; +use rand_core::RngCore; -use crate::api::*; -// use crate::config::*; -// use crate::debug; +use crate::api::{reply, request}; use crate::error::Error; -use crate::service::*; -use crate::types::*; +use crate::key; +use crate::service::{ + DeriveKey, DeserializeKey, Exists, GenerateKey, SerializeKey, Sign, UnsafeInjectKey, Verify, +}; +use crate::store::keystore::Keystore; +use crate::types::{ + Bytes, KeyId, KeySerialization, SerializedKey, Signature, SignatureSerialization, +}; #[inline(never)] fn load_public_key( diff --git a/src/mechanisms/hmacblake2s.rs b/src/mechanisms/hmacblake2s.rs index 07ae205e643..9ee4d834c54 100644 --- a/src/mechanisms/hmacblake2s.rs +++ b/src/mechanisms/hmacblake2s.rs @@ -1,7 +1,9 @@ -use crate::api::*; +use crate::api::{reply, request}; use crate::error::Error; -use crate::service::*; -use crate::types::*; +use crate::key; +use crate::service::{DeriveKey, Sign}; +use crate::store::keystore::Keystore; +use crate::types::Signature; #[cfg(feature = "hmac-blake2s")] impl DeriveKey for super::HmacBlake2s { diff --git a/src/mechanisms/hmacsha1.rs b/src/mechanisms/hmacsha1.rs index 2741f26bbdc..ff630329534 100644 --- a/src/mechanisms/hmacsha1.rs +++ b/src/mechanisms/hmacsha1.rs @@ -1,7 +1,9 @@ -use crate::api::*; +use crate::api::{reply, request}; use crate::error::Error; -use crate::service::*; -use crate::types::*; +use crate::key; +use crate::service::{DeriveKey, Sign}; +use crate::store::keystore::Keystore; +use crate::types::Signature; #[cfg(feature = "hmac-sha1")] impl DeriveKey for super::HmacSha1 { diff --git a/src/mechanisms/hmacsha256.rs b/src/mechanisms/hmacsha256.rs index c5b23e15266..573bbf46b08 100644 --- a/src/mechanisms/hmacsha256.rs +++ b/src/mechanisms/hmacsha256.rs @@ -1,7 +1,9 @@ -use crate::api::*; +use crate::api::{reply, request}; use crate::error::Error; -use crate::service::*; -use crate::types::*; +use crate::key; +use crate::service::{DeriveKey, Sign}; +use crate::store::keystore::Keystore; +use crate::types::Signature; #[cfg(feature = "hmac-sha256")] impl DeriveKey for super::HmacSha256 { diff --git a/src/mechanisms/hmacsha512.rs b/src/mechanisms/hmacsha512.rs index 881bde8edf7..e4d1dc4d8be 100644 --- a/src/mechanisms/hmacsha512.rs +++ b/src/mechanisms/hmacsha512.rs @@ -1,7 +1,9 @@ -use crate::api::*; +use crate::api::{reply, request}; use crate::error::Error; -use crate::service::*; -use crate::types::*; +use crate::key; +use crate::service::{DeriveKey, Sign}; +use crate::store::keystore::Keystore; +use crate::types::Signature; #[cfg(feature = "hmac-sha512")] impl DeriveKey for super::HmacSha512 { diff --git a/src/mechanisms/p256.rs b/src/mechanisms/p256.rs index d2b508c8dcd..e25df84ad3c 100644 --- a/src/mechanisms/p256.rs +++ b/src/mechanisms/p256.rs @@ -1,9 +1,14 @@ -// use core::convert::{TryFrom, TryInto}; - -use crate::api::*; +use crate::api::{reply, request}; use crate::error::Error; -use crate::service::*; -use crate::types::*; +use crate::key; +use crate::service::{ + Agree, DeriveKey, DeserializeKey, Exists, GenerateKey, SerializeKey, Sign, UnsafeInjectKey, + Verify, +}; +use crate::store::keystore::Keystore; +use crate::types::{ + Bytes, KeyId, KeySerialization, SerializedKey, Signature, SignatureSerialization, +}; #[inline(never)] fn load_secret_key( diff --git a/src/mechanisms/sha256.rs b/src/mechanisms/sha256.rs index db2e5362e00..073daa42d1c 100644 --- a/src/mechanisms/sha256.rs +++ b/src/mechanisms/sha256.rs @@ -1,7 +1,9 @@ -use crate::api::*; +use crate::api::{reply, request}; use crate::error::Error; -use crate::service::*; -use crate::types::*; +use crate::key; +use crate::service::{DeriveKey, Hash}; +use crate::store::keystore::Keystore; +use crate::types::ShortData; #[cfg(feature = "sha256")] impl DeriveKey for super::Sha256 { diff --git a/src/mechanisms/shared_secret.rs b/src/mechanisms/shared_secret.rs index b33a1bdddec..904654604bc 100644 --- a/src/mechanisms/shared_secret.rs +++ b/src/mechanisms/shared_secret.rs @@ -1,8 +1,9 @@ -use crate::api::*; +use crate::api::{reply, request}; use crate::error::Error; use crate::key; -use crate::service::*; -use crate::types::*; +use crate::service::{SerializeKey, UnsafeInjectKey}; +use crate::store::keystore::Keystore; +use crate::types::{KeySerialization, SerializedKey}; impl SerializeKey for super::SharedSecret { #[inline(never)] diff --git a/src/mechanisms/tdes.rs b/src/mechanisms/tdes.rs index 7710f04252d..c4bb2db05f6 100644 --- a/src/mechanisms/tdes.rs +++ b/src/mechanisms/tdes.rs @@ -8,11 +8,13 @@ // needed to even get ::new() from des... #[cfg(feature = "tdes")] use des::cipher::{BlockDecrypt, BlockEncrypt, KeyInit}; +use generic_array::GenericArray; -use crate::api::*; +use crate::api::{reply, request}; use crate::error::Error; -use crate::service::*; -use crate::types::*; +use crate::key; +use crate::service::{Decrypt, Encrypt, UnsafeInjectKey}; +use crate::store::keystore::Keystore; const TDES_KEY_SIZE: usize = 24; diff --git a/src/mechanisms/totp.rs b/src/mechanisms/totp.rs index dd356841f4b..affe67ac72e 100644 --- a/src/mechanisms/totp.rs +++ b/src/mechanisms/totp.rs @@ -1,6 +1,8 @@ -use crate::api::*; +use crate::api::{reply, request}; use crate::error::Error; -use crate::service::*; +use crate::key; +use crate::service::{Exists, Sign}; +use crate::store::keystore::Keystore; // code copied from https://github.com/avacariu/rust-oath diff --git a/src/mechanisms/trng.rs b/src/mechanisms/trng.rs index 91b38500923..6ef8e475767 100644 --- a/src/mechanisms/trng.rs +++ b/src/mechanisms/trng.rs @@ -1,6 +1,10 @@ -use crate::api::*; +use rand_core::RngCore; + +use crate::api::{reply, request}; use crate::error::Error; -use crate::service::*; +use crate::key; +use crate::service::GenerateKey; +use crate::store::keystore::Keystore; #[cfg(feature = "trng")] impl GenerateKey for super::Trng { diff --git a/src/mechanisms/x255.rs b/src/mechanisms/x255.rs index c282d478759..69ad0ce5441 100644 --- a/src/mechanisms/x255.rs +++ b/src/mechanisms/x255.rs @@ -1,13 +1,14 @@ -use core::convert::TryInto; +use rand_core::RngCore; +use salty::agreement; -use crate::api::*; -// use crate::config::*; -// use crate::debug; +use crate::api::{reply, request}; use crate::error::Error; -use crate::service::*; -use crate::types::*; - -use salty::agreement; +use crate::key; +use crate::service::{ + Agree, DeriveKey, DeserializeKey, Exists, GenerateKey, SerializeKey, UnsafeInjectKey, +}; +use crate::store::keystore::Keystore; +use crate::types::{KeyId, KeySerialization, SerializedKey}; fn load_public_key( keystore: &mut impl Keystore, diff --git a/src/service.rs b/src/service.rs index b7a125b1b0b..11b0f110e3b 100644 --- a/src/service.rs +++ b/src/service.rs @@ -1,4 +1,5 @@ use littlefs2::{ + object_safe::DynFilesystem, path, path::{Path, PathBuf}, }; @@ -7,25 +8,27 @@ pub use rand_core::{RngCore, SeedableRng}; use crate::backend::{BackendId, CoreOnly, Dispatch}; use crate::client::{ClientBuilder, ClientImplementation}; -use crate::config::*; +use crate::config::{MAX_MESSAGE_LENGTH, MAX_SERVICE_CLIENTS}; use crate::error::{Error, Result}; pub use crate::key; use crate::mechanisms; pub use crate::pipe::ServiceEndpoint; use crate::pipe::TrussedResponder; -use crate::platform::*; +use crate::platform::{consent, ui, Platform, Store, Syscall, UserInterface}; pub use crate::store::{ self, certstore::{Certstore as _, ClientCertstore}, counterstore::{ClientCounterstore, Counterstore as _}, filestore::{ClientFilestore, Filestore, ReadDirFilesState, ReadDirState}, keystore::{ClientKeystore, Keystore}, - DynFilesystem, }; use crate::types::ui::Status; -use crate::types::*; +use crate::types::{Context, CoreContext, Location, Mechanism, MediumData, Message, Vec}; use crate::Bytes; -use crate::{api::*, interrupt::InterruptFlag}; +use crate::{ + api::{reply, request, Reply, Request}, + interrupt::InterruptFlag, +}; pub mod attest; diff --git a/src/store.rs b/src/store.rs index 9145d95b5d6..51c21287847 100644 --- a/src/store.rs +++ b/src/store.rs @@ -71,8 +71,10 @@ //! - Alternative: subdirectory <==> RP hash, everything else in flat files //! - In any case need to "list dirs excluding . and .." or similar +use littlefs2::{driver::Storage, fs::Filesystem}; + use crate::error::Error; -use crate::types::*; +use crate::types::{Bytes, Location, PathBuf}; #[allow(unused_imports)] #[cfg(feature = "semihosting")] use cortex_m_semihosting::hprintln; @@ -127,9 +129,9 @@ pub mod keystore; // // This makes everything using it *much* more ergonomic. pub unsafe trait Store: Copy { - type I: 'static + LfsStorage; - type E: 'static + LfsStorage; - type V: 'static + LfsStorage; + type I: 'static + Storage; + type E: 'static + Storage; + type V: 'static + Storage; fn ifs(self) -> &'static Fs; fn efs(self) -> &'static Fs; fn vfs(self) -> &'static Fs; @@ -142,18 +144,18 @@ pub unsafe trait Store: Copy { } } -pub struct Fs { +pub struct Fs { fs: &'static Filesystem<'static, S>, } -impl core::ops::Deref for Fs { +impl core::ops::Deref for Fs { type Target = Filesystem<'static, S>; fn deref(&self) -> &Self::Target { self.fs } } -impl Fs { +impl Fs { pub fn new(fs: &'static Filesystem<'static, S>) -> Self { Self { fs } } diff --git a/src/tests.rs b/src/tests.rs index d198d963519..69e4ea610ea 100644 --- a/src/tests.rs +++ b/src/tests.rs @@ -2,14 +2,17 @@ #![allow(static_mut_refs)] use chacha20::ChaCha20; - -use crate::types::*; -use crate::*; use entropy::shannon_entropy; +use generic_array::GenericArray; use littlefs2::const_ram_storage; +use littlefs2::driver::Storage as LfsStorage; use littlefs2::fs::{Allocation, Filesystem}; +use littlefs2::io::Result as LfsResult; +use rand_core::{CryptoRng, RngCore}; use crate::client::{CryptoClient as _, FilesystemClient as _}; +use crate::types::{consent, reboot, ui, Bytes, Location, PathBuf}; +use crate::{api, block, platform, store, Error}; pub struct MockRng(ChaCha20); @@ -23,9 +26,9 @@ impl MockRng { } } -impl rand_core::CryptoRng for MockRng {} +impl CryptoRng for MockRng {} -impl crate::service::RngCore for MockRng { +impl RngCore for MockRng { fn fill_bytes(&mut self, buf: &mut [u8]) { use chacha20::cipher::StreamCipher; self.0.apply_keystream(buf); diff --git a/src/types.rs b/src/types.rs index 48d7e194989..1f4e60024a1 100644 --- a/src/types.rs +++ b/src/types.rs @@ -194,7 +194,7 @@ impl KeyId { // impl_id!(SecretKeyId); pub mod ui { - use super::*; + use serde::{Deserialize, Serialize}; // TODO: Consider whether a simple "language" to specify "patterns" // makes sense, vs. "semantic" indications with platform-specific implementation @@ -210,7 +210,7 @@ pub mod ui { } pub mod reboot { - use super::*; + use serde::{Deserialize, Serialize}; #[derive(Copy, Clone, Eq, PartialEq, Debug, Serialize, Deserialize)] pub enum To { @@ -220,7 +220,7 @@ pub mod reboot { } pub mod consent { - use super::*; + use serde::{Deserialize, Serialize}; #[derive(Copy, Clone, Eq, PartialEq, Debug, Serialize, Deserialize)] pub enum Level { diff --git a/src/virt/store.rs b/src/virt/store.rs index 43f2c122bc7..3d691c4e23c 100644 --- a/src/virt/store.rs +++ b/src/virt/store.rs @@ -6,14 +6,13 @@ use std::{ }; use generic_array::typenum::{U512, U8}; -use littlefs2::{const_ram_storage, driver::Storage, fs::Allocation}; - -use crate::{ - store, - store::Store, - types::{LfsResult, LfsStorage}, +use littlefs2::{ + const_ram_storage, driver::Storage, driver::Storage as LfsStorage, fs::Allocation, + io::Result as LfsResult, }; +use crate::{store, store::Store}; + pub trait StoreProvider { type Store: Store; diff --git a/tests/store/mod.rs b/tests/store/mod.rs index 4318a73853e..388990e9844 100644 --- a/tests/store/mod.rs +++ b/tests/store/mod.rs @@ -1,5 +1,6 @@ use littlefs2::const_ram_storage; -use trussed::types::{LfsResult, LfsStorage}; +use littlefs2::driver::Storage as LfsStorage; +use littlefs2::io::Result as LfsResult; const_ram_storage!(InternalStorage, 8192); // const_ram_storage!(InternalStorage, 16384);