Cleanup reexports, modules and dependencies and release v0.2.0-rc.1

CHANGELOG.md

@@ -6,6 +6,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+[Unreleased]: https://github.com/trussed-dev/trussed/compare/v0.2.0-rc.1...HEAD
+
+-
+
+## [0.2.0-rc.1] - 2026-06-05
+
+[0.2.0-rc.1]: https://github.com/trussed-dev/trussed/releases/tag/v0.2.0-rc.1
+
 ### Added
 
 - Added `init_raw` constructor for types generated by the `store!` macro.
@@ -102,5 +110,4 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 Initial release.
 
-[Unreleased]: https://github.com/trussed-dev/trussed/compare/0.1.0...HEAD
-[0.1.0]: https://github.com/trussed-dev/trussed/releases/tag/v0.1.0
+[0.1.0]: https://github.com/trussed-dev/trussed/releases/tag/0.1.0

Cargo.toml

@@ -17,7 +17,7 @@ serde = { version = "1.0", default-features = false, features = ["derive"] }
 
 [package]
 name = "trussed"
-version = "0.1.0"
+version = "0.2.0-rc.1"
 description = "Modern Cryptographic Firmware"
 readme = "README.md"
 
@@ -32,12 +32,8 @@ trussed-core = "0.2.2"
 
 # general
 bitflags = { version = "2.1" }
-# const-oid = "0.4.5"
-cfg-if = "1.0"
-flexiber = { version = "0.2.0", features = ["derive", "heapless"] }
-generic-array = "0.14.4"
-hex-literal = "0.4.1"
-nb = "1"
+generic-array = { version = "0.14.4", optional = true }
+hex-literal = { version = "0.4.1", optional = true }
 postcard.workspace = true
 rand_core.workspace = true
 serde.workspace = true
@@ -46,38 +42,42 @@ rand_chacha = { version = "0.3.1", default-features = false }
 
 # RustCrypto
 aead = { version = "0.5", default-features = false, optional = true }
-aes = { version = "0.8", default-features = false }
+aes = { version = "0.8", default-features = false, optional = true }
 aes-gcm = { version = "0.10", default-features = false, features = ["aes"], optional = true }
-cbc = "0.1.2"
+cbc = { version = "0.1.2", optional = true }
 cipher = { version = "0.4", optional = true }
 blake2 = { version = "0.10", default-features = false, optional = true }
-chacha20 = { version = "0.9", default-features = false }
-chacha20poly1305 = { version = "0.10", default-features = false, features = ["reduced-round"] }
+chacha20poly1305 = { version = "0.10", default-features = false, features = ["reduced-round"], optional = true }
 des = { version = "0.8", optional = true }
-hmac = "0.12"
+hmac = { version = "0.12", optional = true }
 sha-1 = { version = "0.10", default-features = false, optional = true }
-sha2 = { version = "0.10", default-features = false }
+sha2 = { version = "0.10", default-features = false, optional = true }
 
 # ours
-cosey = "0.4"
+cbor-smol = { version = "0.5", features = ["heapless-bytes-v0-5"], optional = true }
+cosey = { version = "0.4", optional = true }
 delog = "0.1.0"
-cbor-smol = { version = "0.5", features = ["heapless-bytes-v0-5"] }
+flexiber = { version = "0.2.0", features = ["derive", "heapless"], optional = true }
 heapless-bytes = { workspace = true, features = ["heapless-0.9"] }
 interchange = "0.3.0"
 littlefs2 = "0.7.0"
 littlefs2-core = { workspace = true, features = ["heapless-bytes05"] }
-p256-cortex-m4 = { version = "0.1.0-alpha.6", features = ["prehash", "sec1-signatures"] }
-salty = "0.3"
+p256-cortex-m4 = { version = "0.1.0-alpha.6", features = ["prehash", "sec1-signatures"], optional = true }
+salty = { version = "0.3", optional = true }
 p384 = { version = "0.13.0", optional = true, default-features = false, features = ["sha384", "ecdh", "ecdsa"] }
 p521 = { version = "0.13.3", optional = true, default-features = false, features = ["sha512", "ecdh", "ecdsa"] }
 ecdsa = { version = "0.16.9", optional = true, default-features = false }
 
 [dev-dependencies]
 # Testing
+chacha20 = { version = "0.9", default-features = false }
 serial_test = { version = "2" }
 entropy = "0.4.0"
+generic-array = "0.14.4"
+hex-literal = "0.4.1"
 once_cell = "1.13.0"
 serde_test = "1"
+sha2 = { version = "0.10", default-features = false }
 trussed-derive = { path = "derive" }
 littlefs2 = "0.7"
 # Somehow, this is causing a regression.
@@ -89,7 +89,7 @@ serde-extensions = ["trussed-core/serde-extensions"]
 std = []
 verbose-tests = ["littlefs2/ll-assertions"]
 verbose-lfs = ["littlefs2/ll-assertions", "littlefs2/ll-trace"]
-virt = ["std", "littlefs2/alloc"]
+virt = ["std", "littlefs2/alloc", "dep:generic-array"]
 
 log-all = []
 log-none = []
@@ -118,23 +118,23 @@ default-mechanisms = [
     "totp",
     "trng",
 ]
-aes256-cbc = ["trussed-core/aes256-cbc"]
+aes256-cbc = ["trussed-core/aes256-cbc", "dep:aes", "dep:cbc"]
 aes256-gcm = ["trussed-core/aes256-gcm", "dep:aead", "dep:aes-gcm", "dep:cipher"]
-chacha8-poly1305 = ["trussed-core/chacha8-poly1305", "dep:aead", "dep:cipher"]
-ed255 = ["trussed-core/ed255"]
-x255 = ["trussed-core/x255"]
-hmac-blake2s = ["trussed-core/hmac-blake2s", "blake2"]
-hmac-sha1 = ["trussed-core/hmac-sha1", "sha-1"]
-hmac-sha256 = ["trussed-core/hmac-sha256"]
-hmac-sha512 = ["trussed-core/hmac-sha512"]
-p256 = ["trussed-core/p256"]
+chacha8-poly1305 = ["trussed-core/chacha8-poly1305", "dep:aead", "dep:chacha20poly1305", "dep:cipher"]
+ed255 = ["trussed-core/ed255", "dep:cbor-smol", "dep:cosey", "dep:salty"]
+x255 = ["trussed-core/x255", "dep:salty"]
+hmac-blake2s = ["trussed-core/hmac-blake2s", "dep:blake2", "dep:hmac"]
+hmac-sha1 = ["trussed-core/hmac-sha1", "dep:hmac", "dep:sha-1"]
+hmac-sha256 = ["trussed-core/hmac-sha256", "dep:hmac", "dep:sha2"]
+hmac-sha512 = ["trussed-core/hmac-sha512", "dep:hmac", "dep:sha2"]
+p256 = ["trussed-core/p256", "dep:cbor-smol", "dep:cosey", "dep:p256-cortex-m4"]
 p384 = ["trussed-core/p384", "dep:p384"]
 p521 = ["trussed-core/p521", "dep:p521", "dep:ecdsa"]
-sha256 = ["trussed-core/sha256"]
+sha256 = ["trussed-core/sha256", "dep:sha2"]
 shared-secret = ["trussed-core/shared-secret"]
-tdes = ["trussed-core/tdes", "des"]
-totp = ["trussed-core/totp", "sha-1"]
-trng = ["trussed-core/trng", "sha-1"]
+tdes = ["trussed-core/tdes", "dep:des", "dep:generic-array"]
+totp = ["trussed-core/totp", "dep:hmac", "dep:sha-1"]
+trng = ["trussed-core/trng", "dep:sha-1"]
 
 # clients
 all-clients = [
@@ -146,7 +146,7 @@ all-clients = [
   "management-client",
   "ui-client",
 ]
-attestation-client = ["crypto-client", "ed255", "p256", "trussed-core/attestation-client"]
+attestation-client = ["crypto-client", "ed255", "p256", "trussed-core/attestation-client", "dep:flexiber", "dep:hex-literal"]
 certificate-client = ["trussed-core/certificate-client"]
 crypto-client = ["trussed-core/crypto-client"]
 counter-client = ["trussed-core/counter-client"]

derive/Cargo.toml

@@ -18,3 +18,4 @@ syn = "2.0.53"
 [dev-dependencies]
 serde = { version = "1.0", default-features = false }
 trussed = { path = "..", features = ["serde-extensions", "virt"] }
+trussed-core = { path = "../core", features = ["serde-extensions"] }

derive/examples/dispatch.rs

@@ -22,11 +22,9 @@ struct Dispatch {
 fn main() {
     use trussed::{
         backend::BackendId,
-        client::CryptoClient,
-        try_syscall,
         virt::{self, StoreConfig},
-        Error,
     };
+    use trussed_core::{try_syscall, CryptoClient, Error};
 
     fn run(backends: &'static [BackendId<Backend>], expected: Option<Error>) {
         virt::with_platform(StoreConfig::ram(), |platform| {

derive/examples/extension-dispatch.rs

@@ -1,13 +1,14 @@
-use trussed::Error;
+use trussed_core::Error;
 
 mod backends {
     use super::extensions::{
         SampleExtension, SampleReply, SampleRequest, TestExtension, TestReply, TestRequest,
     };
     use trussed::{
         backend::Backend, platform::Platform, serde_extensions::ExtensionImpl,
-        service::ServiceResources, types::CoreContext, Error,
+        service::ServiceResources, types::CoreContext,
     };
+    use trussed_core::Error;
 
     #[derive(Default)]
     pub struct ABackend;
@@ -50,7 +51,7 @@ mod backends {
 
 mod extensions {
     use serde::{Deserialize, Serialize};
-    use trussed::{
+    use trussed_core::{
         serde_extensions::{Extension, ExtensionClient, ExtensionResult},
         Error,
     };
@@ -138,9 +139,9 @@ fn main() {
     use extensions::TestClient;
     use trussed::{
         backend::BackendId,
-        try_syscall,
         virt::{self, StoreConfig},
     };
+    use trussed_core::try_syscall;
 
     fn run(backends: &'static [BackendId<Backend>], expected: Option<Error>) {
         virt::with_platform(StoreConfig::ram(), |platform| {

derive/src/dispatch.rs

@@ -50,9 +50,9 @@ impl Dispatch {
                     &mut self,
                     backend: &Self::BackendId,
                     ctx: &mut ::trussed::types::Context<Self::Context>,
-                    request: &::trussed::api::Request,
+                    request: &::trussed_core::api::Request,
                     resources: &mut ::trussed::service::ServiceResources<P>,
-                ) -> ::core::result::Result<::trussed::api::Reply, ::trussed::error::Error> {
+                ) -> ::core::result::Result<::trussed_core::api::Reply, ::trussed_core::Error> {
                     match backend {
                         #(#requests)*
                     }

derive/src/extension_dispatch.rs

@@ -95,9 +95,9 @@ impl ExtensionDispatch {
                     &mut self,
                     backend: &Self::BackendId,
                     ctx: &mut ::trussed::types::Context<Self::Context>,
-                    request: &::trussed::api::Request,
+                    request: &::trussed_core::api::Request,
                     resources: &mut ::trussed::service::ServiceResources<P>,
-                ) -> ::core::result::Result<::trussed::api::Reply, ::trussed::error::Error> {
+                ) -> ::core::result::Result<::trussed_core::api::Reply, ::trussed_core::Error> {
                     match backend {
                         #(#requests)*
                         #(#delegated_requests)*
@@ -109,9 +109,9 @@ impl ExtensionDispatch {
                     backend: &Self::BackendId,
                     extension: &Self::ExtensionId,
                     ctx: &mut ::trussed::types::Context<Self::Context>,
-                    request: &::trussed::api::request::SerdeExtension,
+                    request: &::trussed_core::api::request::SerdeExtension,
                     resources: &mut ::trussed::service::ServiceResources<P>,
-                ) -> ::core::result::Result<::trussed::api::reply::SerdeExtension, ::trussed::error::Error> {
+                ) -> ::core::result::Result<::trussed_core::api::reply::SerdeExtension, ::trussed_core::Error> {
                     match backend {
                         #(#extension_requests)*
                         #(#delegated_extension_requests)*
@@ -289,7 +289,7 @@ impl Backend {
         let id = &self.id;
         let request = if self.no_core {
             quote! {
-                Err(::trussed::Error::RequestNotAvailable)
+                Err(::trussed_core::Error::RequestNotAvailable)
             }
         } else {
             let Self { index, field, .. } = self;
@@ -312,7 +312,7 @@ impl Backend {
         quote! {
             Self::BackendId::#id => match extension {
                 #(#extension_requests)*
-                _ => Err(::trussed::error::Error::RequestNotAvailable),
+                _ => Err(::trussed_core::Error::RequestNotAvailable),
             }
         }
     }
@@ -366,7 +366,7 @@ impl DelegatedBackend {
         let id = &self.id;
         let request = if self.no_core {
             quote! {
-                Err(::trussed::Error::RequestNotAvailable)
+                Err(::trussed_core::Error::RequestNotAvailable)
             }
         } else {
             let Self { backend, field, .. } = self;
@@ -403,7 +403,7 @@ impl DelegatedBackend {
                 let _ = self.#field;
                 match extension {
                     #(#extension_requests)*
-                    _ => Err(::trussed::error::Error::RequestNotAvailable),
+                    _ => Err(::trussed_core::Error::RequestNotAvailable),
                 }
             }
         }

derive/src/extension_id.rs

@@ -44,12 +44,12 @@ impl ExtensionId {
             }
 
             impl #impl_generics ::core::convert::TryFrom<u8> for #name #ty_generics #where_clause {
-                type Error = ::trussed::Error;
+                type Error = ::trussed_core::Error;
 
                 fn try_from(value: u8) -> ::core::result::Result<Self, Self::Error> {
                     match value {
                         #(#try_from)*
-                        _ => Err(::trussed::Error::InternalError),
+                        _ => Err(::trussed_core::Error::InternalError),
                     }
                 }
             }

src/backend.rs

@@ -8,9 +8,12 @@
 //! Backends can also implement API extensions to provide additional syscalls (see the
 //! [`serde_extensions`][`crate::serde_extensions`] module).
 
-use crate::{
+use trussed_core::{
     api::{Reply, Request},
-    error::Error,
+    Error,
+};
+
+use crate::{
     platform::Platform,
     service::ServiceResources,
     types::{Context, CoreContext},

src/client.rs

@@ -77,40 +77,27 @@
 //!
 use core::{marker::PhantomData, task::Poll};
 
-use crate::api::{Reply, RequestVariant};
+use trussed_core::{
+    api::{Reply, RequestVariant},
+    ClientError, ClientResult, Error, FutureResult, InterruptFlag, PollClient, Result,
+};
+
 use crate::backend::CoreOnly;
-use crate::error::{Error, Result};
-use crate::interrupt::InterruptFlag;
 use crate::pipe::TrussedRequester;
+use crate::platform::Syscall;
 
-pub use crate::platform::Syscall;
-
-#[cfg(feature = "crypto-client")]
-pub mod mechanisms;
 #[cfg(feature = "crypto-client")]
-pub use mechanisms::*;
-
-pub use trussed_core::{ClientError, ClientResult, FutureResult, PollClient};
-
-#[cfg(feature = "attestation-client")]
-pub use trussed_core::AttestationClient;
-#[cfg(feature = "certificate-client")]
-pub use trussed_core::CertificateClient;
-#[cfg(feature = "counter-client")]
-pub use trussed_core::CounterClient;
-#[cfg(feature = "crypto-client")]
-pub use trussed_core::CryptoClient;
-#[cfg(feature = "filesystem-client")]
-pub use trussed_core::FilesystemClient;
-#[cfg(feature = "management-client")]
-pub use trussed_core::ManagementClient;
-#[cfg(feature = "ui-client")]
-pub use trussed_core::UiClient;
+mod mechanisms;
 
 /// All-in-one trait bounding on the sub-traits.
 #[cfg(feature = "all-clients")]
 pub trait Client:
-    CertificateClient + CryptoClient + CounterClient + FilesystemClient + ManagementClient + UiClient
+    trussed_core::CertificateClient
+    + trussed_core::CryptoClient
+    + trussed_core::CounterClient
+    + trussed_core::FilesystemClient
+    + trussed_core::ManagementClient
+    + trussed_core::UiClient
 {
 }
 
@@ -223,14 +210,14 @@ where
 }
 
 #[cfg(feature = "certificate-client")]
-impl<S: Syscall, E> CertificateClient for ClientImplementation<'_, S, E> {}
+impl<S: Syscall, E> trussed_core::CertificateClient for ClientImplementation<'_, S, E> {}
 #[cfg(feature = "crypto-client")]
-impl<S: Syscall, E> CryptoClient for ClientImplementation<'_, S, E> {}
+impl<S: Syscall, E> trussed_core::CryptoClient for ClientImplementation<'_, S, E> {}
 #[cfg(feature = "counter-client")]
-impl<S: Syscall, E> CounterClient for ClientImplementation<'_, S, E> {}
+impl<S: Syscall, E> trussed_core::CounterClient for ClientImplementation<'_, S, E> {}
 #[cfg(feature = "filesystem-client")]
-impl<S: Syscall, E> FilesystemClient for ClientImplementation<'_, S, E> {}
+impl<S: Syscall, E> trussed_core::FilesystemClient for ClientImplementation<'_, S, E> {}
 #[cfg(feature = "management-client")]
-impl<S: Syscall, E> ManagementClient for ClientImplementation<'_, S, E> {}
+impl<S: Syscall, E> trussed_core::ManagementClient for ClientImplementation<'_, S, E> {}
 #[cfg(feature = "ui-client")]
-impl<S: Syscall, E> UiClient for ClientImplementation<'_, S, E> {}
+impl<S: Syscall, E> trussed_core::UiClient for ClientImplementation<'_, S, E> {}

src/client/mechanisms.rs

@@ -1,7 +1,7 @@
 use super::ClientImplementation;
 use crate::platform::Syscall;
 
-pub use trussed_core::mechanisms::*;
+use trussed_core::mechanisms::*;
 
 #[cfg(feature = "aes256-cbc")]
 impl<S: Syscall, E> Aes256Cbc for ClientImplementation<'_, S, E> {}