Replace trussed dependency with trussed-core

Cargo.toml

@@ -18,9 +18,11 @@ repository = "https://github.com/trussed-dev/trussed-staging"
 license = "Apache-2.0 OR MIT"
 
 [workspace.dependencies]
+littlefs2-core = "0.1"
 serde = { version = "1.0.160", default-features = false, features = ["derive"] }
 serde-byte-array = "0.1.2"
-trussed = { version = "0.1.0", features = ["serde-extensions"] }
+trussed = { version = "0.1.0", default-features = false, features = ["serde-extensions"] }
+trussed-core = { version = "0.1", features = ["serde-extensions"] }
 
 [package]
 name = "trussed-staging"
@@ -32,6 +34,7 @@ repository.workspace = true
 license.workspace = true
 
 [dependencies]
+littlefs2-core.workspace = true
 serde.workspace = true
 serde-byte-array.workspace = true
 trussed.workspace = true
@@ -41,7 +44,6 @@ delog = "0.1.6"
 hkdf = { version = "0.12", optional = true }
 rand_core = { version = "0.6.4", default-features = false }
 sha2 = { version = "0.10", default-features = false, optional = true }
-littlefs2-core = "0.1"
 salty = { version = "0.3.0", default-features = false }
 digest = { version = "0.10.7", default-features = false }
 hex-literal = { version = "0.4.0", optional = true }
@@ -57,7 +59,7 @@ trussed-fs-info = { version = "0.1.0", optional = true }
 [dev-dependencies]
 hex-literal = "0.4.0"
 hmac = "0.12.0"
-trussed = { workspace = true, features = ["virt"] }
+trussed = { workspace = true, features = ["aes256-cbc", "crypto-client", "filesystem-client", "hmac-sha256", "virt", "x255"] }
 
 [features]
 default = []
@@ -66,7 +68,7 @@ chunked = ["trussed-chunked", "chacha20poly1305/stream"]
 hkdf = ["trussed-hkdf", "dep:hkdf", "dep:sha2"]
 hpke = ["trussed-hpke", "dep:hkdf", "dep:sha2", "dep:hex-literal", "dep:aead", "dep:chacha20poly1305"]
 manage = ["trussed-manage"]
-wrap-key-to-file = ["dep:chacha20poly1305", "trussed-wrap-key-to-file"]
+wrap-key-to-file = ["dep:chacha20poly1305", "trussed-wrap-key-to-file", "trussed/chacha8-poly1305"]
 fs-info = ["trussed-fs-info"]
 
 virt = ["std", "trussed/virt"]
@@ -81,7 +83,8 @@ log-warn = []
 log-error = []
 
 [patch.crates-io]
-trussed = { git = "https://github.com/trussed-dev/trussed.git", rev = "046478b7a4f6e2315acf9112d98308379c2e3eee" }
+trussed = { git = "https://github.com/trussed-dev/trussed.git", branch = "core-modules" }
+trussed-core = { git = "https://github.com/trussed-dev/trussed.git", branch = "core-modules" }
 
 trussed-chunked = { path = "extensions/chunked" }
 trussed-hkdf = { path = "extensions/hkdf" }

extensions/chunked/Cargo.toml

@@ -12,4 +12,4 @@ license.workspace = true
 [dependencies]
 serde.workspace = true
 serde-byte-array.workspace = true
-trussed.workspace = true
+trussed-core = { workspace = true, features = ["filesystem-client"] }

extensions/chunked/src/lib.rs

@@ -9,10 +9,10 @@ pub mod utils;
 
 use serde::{Deserialize, Serialize};
 use serde_byte_array::ByteArray;
-use trussed::{
-    client::FilesystemClient,
+use trussed_core::{
     serde_extensions::{Extension, ExtensionClient, ExtensionResult},
     types::{KeyId, Location, Message, PathBuf, UserAttribute},
+    FilesystemClient,
 };
 
 pub const CHACHA8_STREAM_NONCE_LEN: usize = 8;
@@ -57,8 +57,8 @@ pub mod request {
     use super::*;
     use serde::{Deserialize, Serialize};
     use serde_byte_array::ByteArray;
-    use trussed::types::{KeyId, Location, Message, PathBuf, UserAttribute};
-    use trussed::Error;
+    use trussed_core::types::{KeyId, Location, Message, PathBuf, UserAttribute};
+    use trussed_core::Error;
 
     #[derive(Debug, PartialEq, Eq, Deserialize, Serialize)]
     pub struct ReadChunk {}
@@ -263,8 +263,8 @@ pub mod request {
 pub mod reply {
     use super::*;
     use serde::{Deserialize, Serialize};
-    use trussed::types::Message;
-    use trussed::Error;
+    use trussed_core::types::Message;
+    use trussed_core::Error;
 
     #[derive(Debug, PartialEq, Eq, Deserialize, Serialize)]
     pub struct ReadChunk {
@@ -542,7 +542,7 @@ pub trait ChunkedClient: ExtensionClient<ChunkedExtension> + FilesystemClient {
     /// Partially read a file from a given offset, returning a chunk of the given length and the
     /// total file size.
     ///
-    /// If the length is greater than [`trussed::config::MAX_MESSAGE_LENGTH`][] or if the offset is
+    /// If the length is greater than [`trussed_core::config::MAX_MESSAGE_LENGTH`][] or if the offset is
     /// greater than the file size, an error is returned.
     fn partial_read_file(
         &mut self,

extensions/chunked/src/utils.rs

@@ -2,7 +2,7 @@
 // SPDX-License-Identifier: Apache-2.0 or MIT
 
 use serde_byte_array::ByteArray;
-use trussed::{
+use trussed_core::{
     syscall, try_syscall,
     types::{KeyId, Location, Message, PathBuf, UserAttribute},
     Error,

extensions/fs-info/CHANGELOG.md

@@ -13,7 +13,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 [Unreleased]: https://github.com/trussed-dev/trussed-staging/compare/fs-info-v0.1.0...HEAD
 
--
+- Replace `trussed` dependency with `trussed-core`.
 
 ## [0.1.0][] - 2024-10-18
 

extensions/fs-info/Cargo.toml

@@ -12,4 +12,4 @@ license.workspace = true
 [dependencies]
 serde.workspace = true
 serde-byte-array.workspace = true
-trussed.workspace = true
+trussed-core.workspace = true

extensions/fs-info/src/lib.rs

@@ -6,7 +6,7 @@
 #![deny(unsafe_code)]
 
 use serde::{Deserialize, Serialize};
-use trussed::{
+use trussed_core::{
     serde_extensions::{Extension, ExtensionClient, ExtensionResult},
     types::Location,
     Error,

extensions/hkdf/Cargo.toml

@@ -11,4 +11,4 @@ license.workspace = true
 
 [dependencies]
 serde.workspace = true
-trussed.workspace = true
+trussed-core.workspace = true

extensions/hkdf/src/lib.rs

@@ -6,7 +6,7 @@
 #![deny(unsafe_code)]
 
 use serde::{Deserialize, Serialize};
-use trussed::{
+use trussed_core::{
     config::MAX_MEDIUM_DATA_LENGTH,
     serde_extensions::{Extension, ExtensionClient, ExtensionResult},
     types::{Bytes, KeyId, Location, Message},

extensions/hpke/CHANGELOG.md

@@ -13,7 +13,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 [Unreleased]: https://github.com/trussed-dev/trussed-staging/compare/hpke-v0.1.0...HEAD
 
--
+- Replace `trussed` dependency with `trussed-core`.
 
 ## [0.1.0][] - 2024-10-18
 

extensions/hpke/Cargo.toml

@@ -11,5 +11,5 @@ license.workspace = true
 
 [dependencies]
 serde.workspace = true
-trussed.workspace = true
+trussed-core.workspace = true
 serde-byte-array = "0.1.2"

extensions/hpke/src/lib.rs

@@ -11,9 +11,9 @@
 use serde::{Deserialize, Serialize};
 use serde_byte_array::ByteArray;
 
-use trussed::serde_extensions::{Extension, ExtensionClient, ExtensionResult};
-use trussed::types::{KeyId, Location, Message, PathBuf, ShortData};
-use trussed::Error;
+use trussed_core::serde_extensions::{Extension, ExtensionClient, ExtensionResult};
+use trussed_core::types::{KeyId, Location, Message, PathBuf, ShortData};
+use trussed_core::Error;
 
 #[derive(Deserialize, Serialize)]
 pub enum HpkeRequest {

extensions/manage/CHANGELOG.md

@@ -11,7 +11,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased][]
 
--
+- Replace `trussed` dependency with `trussed-core`.
 
 [Unreleased]: https://github.com/trussed-dev/trussed-staging/compare/manage-v0.1.0...HEAD
 

extensions/manage/Cargo.toml

@@ -10,5 +10,6 @@ repository.workspace = true
 license.workspace = true
 
 [dependencies]
+littlefs2-core.workspace = true
 serde.workspace = true
-trussed.workspace = true
+trussed-core.workspace = true

extensions/manage/src/lib.rs

@@ -5,10 +5,10 @@
 #![warn(non_ascii_idents, trivial_casts, unused, unused_qualifications)]
 #![deny(unsafe_code)]
 
+use littlefs2_core::{Path, PathBuf};
 use serde::{Deserialize, Serialize};
-use trussed::{
+use trussed_core::{
     serde_extensions::{Extension, ExtensionClient, ExtensionResult},
-    types::{Path, PathBuf},
     Error,
 };
 

extensions/wrap-key-to-file/CHANGELOG.md

@@ -11,7 +11,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased][]
 
--
+- Replace `trussed` dependency with `trussed-core`.
 
 [Unreleased]: https://github.com/trussed-dev/trussed-staging/compare/wrap-key-to-file-v0.1.0...HEAD
 

extensions/wrap-key-to-file/Cargo.toml

@@ -11,4 +11,4 @@ license.workspace = true
 
 [dependencies]
 serde.workspace = true
-trussed.workspace = true
+trussed-core = { workspace = true, features = ["filesystem-client"] }

extensions/wrap-key-to-file/src/lib.rs

@@ -6,10 +6,10 @@
 #![deny(unsafe_code)]
 
 use serde::{Deserialize, Serialize};
-use trussed::{
-    client::ClientError,
+use trussed_core::{
     serde_extensions::{Extension, ExtensionClient, ExtensionResult},
     types::{Bytes, KeyId, Location, Mechanism, PathBuf},
+    ClientError,
 };
 
 #[derive(Debug, Default)]
@@ -25,8 +25,8 @@ pub enum WrapKeyToFileRequest {
 pub mod request {
     use super::*;
     use serde::{Deserialize, Serialize};
-    use trussed::types::{KeyId, Location, Mechanism, Message, PathBuf};
-    use trussed::Error;
+    use trussed_core::types::{KeyId, Location, Mechanism, Message, PathBuf};
+    use trussed_core::Error;
 
     #[derive(Debug, Deserialize, Serialize)]
     pub struct WrapKeyToFile {
@@ -90,7 +90,7 @@ pub enum WrapKeyToFileReply {
 
 pub mod reply {
     use serde::{Deserialize, Serialize};
-    use trussed::{types::KeyId, Error};
+    use trussed_core::{types::KeyId, Error};
 
     use super::*;
 
@@ -145,7 +145,7 @@ pub type WrapKeyToFileResult<'a, R, C> = ExtensionResult<'a, WrapKeyToFileExtens
 pub trait WrapKeyToFileClient: ExtensionClient<WrapKeyToFileExtension> {
     /// Wrap a key to a file
     /// This enables wrapping keys that don't fit in the buffers used by
-    /// [`write_file`](trussed::client::FilesystemClient::write_file) and [`read_file`](trussed::client::FilesystemClient::read_file)
+    /// [`write_file`](trussed_core::FilesystemClient::write_file) and [`read_file`](trussed_core::FilesystemClient::read_file)
     fn wrap_key_to_file(
         &mut self,
         mechanism: Mechanism,
@@ -169,7 +169,7 @@ pub trait WrapKeyToFileClient: ExtensionClient<WrapKeyToFileExtension> {
 
     /// Wrap a key to a file
     /// This enables wrapping keys that don't fit in the buffers used by
-    /// [`write_file`](trussed::client::FilesystemClient::write_file) and [`read_file`](trussed::client::FilesystemClient::read_file)
+    /// [`write_file`](trussed_core::FilesystemClient::write_file) and [`read_file`](trussed_core::FilesystemClient::read_file)
     fn unwrap_key_from_file(
         &mut self,
         mechanism: Mechanism,

src/virt.rs

@@ -175,7 +175,7 @@ impl ExtensionDispatch for Dispatcher {
                 )
             }
 
-            #[cfg(feature = "chunked")]
+            #[cfg(feature = "hkdf")]
             ExtensionIds::Hkdf => ExtensionImpl::<HkdfExtension>::extension_request_serialized(
                 &mut self.backend,
                 &mut ctx.core,

tests/hkdf.rs

@@ -1,7 +1,7 @@
 // Copyright (C) Nitrokey GmbH
 // SPDX-License-Identifier: Apache-2.0 or MIT
 
-#![cfg(all(feature = "virt", feature = "manage"))]
+#![cfg(all(feature = "virt", feature = "hkdf"))]
 
 use hex_literal::hex;
 use hkdf::Hkdf;

tests/hpke.rs

@@ -14,7 +14,7 @@ use trussed_hpke::HpkeClient;
 
 use trussed_staging::virt;
 
-fn assert_symkey_eq<C: trussed::Client>(this: KeyId, other: KeyId, client: &mut C) {
+fn assert_symkey_eq<C: CryptoClient>(this: KeyId, other: KeyId, client: &mut C) {
     let hmac_this = syscall!(client.sign(
         Mechanism::HmacSha256,
         this,

tests/wrap_key_to_file.rs

@@ -15,7 +15,7 @@ use trussed_staging::virt::with_ram_client;
 
 use trussed_wrap_key_to_file::WrapKeyToFileClient;
 
-fn assert_key_eq(key1: KeyId, key2: KeyId, client: &mut impl trussed::Client) {
+fn assert_key_eq(key1: KeyId, key2: KeyId, client: &mut impl CryptoClient) {
     let derivative1 = syscall!(client.sign(
         Mechanism::HmacSha256,
         key1,