Update trussed to use new virtual store

Author: robin-nitrokey

Cargo.toml

@@ -54,14 +54,14 @@ ciborium = { version = "0.2.2" }
 ciborium-io = "0.2.2"
 cipher = "0.4.4"
 ctaphid = { version = "0.3.1", default-features = false }
-ctaphid-dispatch = "0.2"
+ctaphid-dispatch = "0.3"
 delog = { version = "0.1.6", features = ["std-log"] }
 env_logger = "0.11.0"
 hex-literal = "0.4.1"
 hmac = "0.12.1"
 interchange = "0.3.0"
 itertools = "0.14.0"
-littlefs2 = "0.5.0"
+littlefs2 = "0.6.0"
 log = "0.4.21"
 p256 = { version = "0.13.2", features = ["ecdh"] }
 rand = "0.8.4"
@@ -71,17 +71,17 @@ serde_test = "1.0.176"
 trussed = { version = "0.1", features = ["virt"] }
 trussed-staging = { version = "0.3.0", features = ["chunked", "hkdf", "virt", "fs-info"] }
 trussed-usbip = { version = "0.0.1", default-features = false, features = ["ctaphid"] }
-usbd-ctaphid = "0.2.0"
+usbd-ctaphid = "0.3.0"
 x509-parser = "0.16.0"
 
 [package.metadata.docs.rs]
 features = ["dispatch"]
 
 [patch.crates-io]
-admin-app = { git = "https://github.com/Nitrokey/admin-app.git", tag = "v0.1.0-nitrokey.19" }
-trussed = { git = "https://github.com/trussed-dev/trussed.git", rev = "6bba8fde36d05c0227769eb63345744e87d84b2b" }
-trussed-staging = { git = "https://github.com/trussed-dev/trussed-staging.git", rev = "1e1ca03a3a62ea9b802f4070ea4bce002eeb4bec" }
-trussed-usbip = { git = "https://github.com/trussed-dev/pc-usbip-runner.git", rev = "4fe4e4e287dac1d92fcd4f97e8926497bfa9d7a9" }
+admin-app = { git = "https://github.com/Nitrokey/admin-app.git", tag = "v0.1.0-nitrokey.20" }
+trussed = { git = "https://github.com/trussed-dev/trussed.git", rev = "024e0eca5fb7dbd2457831f7c7bffe4341e08775" }
+trussed-staging = { git = "https://github.com/trussed-dev/trussed-staging.git", rev = "7922d67e9637a87e5625aaff9e5111f0d4ec0346" }
+trussed-usbip = { git = "https://github.com/trussed-dev/pc-usbip-runner.git", rev = "504674453c9573a30aa2f155101df49eb2af1ba7" }
 
 [profile.test]
 opt-level = 2

src/credential.rs

@@ -787,7 +787,7 @@ mod test {
         key::{Kind, Secrecy},
         store::keystore::{ClientKeystore, Keystore as _},
         types::Location,
-        virt::{self, Ram},
+        virt::{self, StoreConfig},
         Platform as _,
     };
 
@@ -960,7 +960,7 @@ mod test {
         );
         const SERIALIZED_CREDENTIAL: &[u8] = &hex!("A3000201A700A1626964684A6F686E20446F6501A16269644301020302187B03F404260582014301020306F4024C000000000000000000000000");
 
-        virt::with_platform(Ram::default(), |mut platform| {
+        virt::with_platform(StoreConfig::ram(), |mut platform| {
             let kek = [0; 44];
             let client_id = path!("fido");
             let kek = {
@@ -1030,7 +1030,7 @@ mod test {
 
     #[test]
     fn credential_ids() {
-        trussed::virt::with_ram_client("fido", |mut client| {
+        trussed::virt::with_client(StoreConfig::ram(), "fido", |mut client| {
             let kek = syscall!(client.generate_chacha8poly1305_key(Location::Internal)).key;
             let nonce = ByteArray::new([0; 12]);
             let data = credential_data();
@@ -1092,7 +1092,7 @@ mod test {
             large_blob_key: Some(ByteArray::new([0xff; 32])),
             third_party_payment: Some(true),
         };
-        trussed::virt::with_ram_client("fido", |mut client| {
+        trussed::virt::with_client(StoreConfig::ram(), "fido", |mut client| {
             let kek = syscall!(client.generate_chacha8poly1305_key(Location::Internal)).key;
             let rp_id_hash = syscall!(client.hash_sha256(rp_id.as_ref()))
                 .hash

tests/virt/mod.rs

@@ -4,7 +4,6 @@ use std::{
     borrow::Cow,
     cell::RefCell,
     fmt::{self, Debug, Formatter},
-    ops::Deref as _,
     sync::{
         atomic::{AtomicBool, Ordering},
         Arc, Once,
@@ -19,7 +18,7 @@ use ctaphid::{
     error::{RequestError, ResponseError},
     HidDevice, HidDeviceInfo,
 };
-use ctaphid_dispatch::{Channel, Dispatch, Requester};
+use ctaphid_dispatch::{Channel, Dispatch, Requester, DEFAULT_MESSAGE_SIZE};
 use fido_authenticator::{Authenticator, Config, Conforming};
 use littlefs2::{object_safe::DynFilesystem, path, path::PathBuf};
 use rand::{
@@ -30,7 +29,7 @@ use trussed::{
     backend::BackendId,
     platform::Platform as _,
     store::Store as _,
-    virt::{self, Ram},
+    virt::{self, StoreConfig},
 };
 use trussed_staging::virt::{BackendIds, Client, Dispatcher};
 
@@ -199,10 +198,10 @@ impl HidDeviceInfo for DeviceInfo {
     }
 }
 
-pub struct Device<'a>(RefCell<Pipe<'a>>);
+pub struct Device<'a>(RefCell<Pipe<'a, DEFAULT_MESSAGE_SIZE>>);
 
 impl<'a> Device<'a> {
-    fn new(requester: Requester<'a>) -> Self {
+    fn new(requester: Requester<'a, DEFAULT_MESSAGE_SIZE>) -> Self {
         Self(RefCell::new(Pipe::new(requester)))
     }
 }
@@ -249,10 +248,10 @@ impl HidDevice for Device<'_> {
 
 fn with_client<F, F2, T>(files: &[(PathBuf, Vec<u8>)], f: F, inspect_ifs: F2) -> T
 where
-    F: FnOnce(Client<Ram>) -> T,
+    F: FnOnce(Client) -> T,
     F2: FnOnce(&dyn DynFilesystem),
 {
-    virt::with_platform(Ram::default(), |mut platform| {
+    virt::with_platform(StoreConfig::ram(), |mut platform| {
         // virt always uses the same seed -- request some random bytes to reach a somewhat random
         // state
         let uniform = Uniform::from(0..64);
@@ -261,7 +260,8 @@ where
             platform.rng().next_u32();
         }
 
-        let ifs = platform.store().ifs();
+        let store = platform.store();
+        let ifs = store.ifs();
 
         for (path, content) in files {
             if let Some(dir) = path.parent() {
@@ -280,7 +280,7 @@ where
             f,
         );
 
-        inspect_ifs(ifs.deref());
+        inspect_ifs(ifs);
 
         result
     })

tests/virt/pipe.rs

@@ -93,10 +93,10 @@ enum State {
     Sending((Response, MessageState)),
 }
 
-pub struct Pipe<'a> {
+pub struct Pipe<'a, const N: usize> {
     queue: VecDeque<[u8; PACKET_SIZE]>,
     state: State,
-    interchange: Requester<'a>,
+    interchange: Requester<'a, N>,
     buffer: [u8; MESSAGE_SIZE],
     last_channel: u32,
     implements: u8,
@@ -106,8 +106,8 @@ pub struct Pipe<'a> {
     version: Version,
 }
 
-impl<'a> Pipe<'a> {
-    pub fn new(interchange: Requester<'a>) -> Self {
+impl<'a, const N: usize> Pipe<'a, N> {
+    pub fn new(interchange: Requester<'a, N>) -> Self {
         Self {
             queue: Default::default(),
             state: State::Idle,