wip intermediate

benma · benma · commit fc4c3c70e181 · 2025-04-29T00:11:42.000+02:00
So C tests can be shown to pass with the Rust impl.
diff --git a/src/keystore.c b/src/keystore.c
@@ -210,67 +210,12 @@ static keystore_error_t _get_and_decrypt_seed(
     return KEYSTORE_OK;
 }
 
-static bool _verify_seed(
-    const char* password,
-    const uint8_t* expected_seed,
-    size_t expected_seed_len)
-{
-    uint8_t decrypted_seed[KEYSTORE_MAX_SEED_LENGTH] = {0};
-    size_t seed_len;
-    UTIL_CLEANUP_32(decrypted_seed);
-    if (_get_and_decrypt_seed(password, decrypted_seed, &seed_len, NULL) != KEYSTORE_OK) {
-        return false;
-    }
-    if (expected_seed_len != seed_len) {
-        return false;
-    }
-    if (!MEMEQ(expected_seed, decrypted_seed, seed_len)) {
-        return false;
-    }
-    return true;
-}
-
 keystore_error_t keystore_encrypt_and_store_seed(
     const uint8_t* seed,
     size_t seed_length,
     const char* password)
 {
-    if (memory_is_initialized()) {
-        return KEYSTORE_ERR_MEMORY;
-    }
-    keystore_lock();
-    if (!_validate_seed_length(seed_length)) {
-        return KEYSTORE_ERR_SEED_SIZE;
-    }
-    if (securechip_init_new_password(password)) {
-        return KEYSTORE_ERR_SECURECHIP;
-    }
-    uint8_t secret[32] = {0};
-    UTIL_CLEANUP_32(secret);
-    if (securechip_stretch_password(password, secret)) {
-        return KEYSTORE_ERR_SECURECHIP;
-    }
-
-    size_t encrypted_seed_len = seed_length + 64;
-    uint8_t encrypted_seed[encrypted_seed_len];
-    UTIL_CLEANUP_32(encrypted_seed);
-    if (!cipher_aes_hmac_encrypt(seed, seed_length, encrypted_seed, &encrypted_seed_len, secret)) {
-        return KEYSTORE_ERR_ENCRYPT;
-    }
-    if (encrypted_seed_len > 255) { // sanity check, can't happen
-        Abort("keystore_encrypt_and_store_seed");
-    }
-    uint8_t encrypted_seed_len_u8 = (uint8_t)encrypted_seed_len;
-    if (!memory_set_encrypted_seed_and_hmac(encrypted_seed, encrypted_seed_len_u8)) {
-        return KEYSTORE_ERR_MEMORY;
-    }
-    if (!_verify_seed(password, seed, seed_length)) {
-        if (!memory_reset_hww()) {
-            return KEYSTORE_ERR_MEMORY;
-        }
-        return KEYSTORE_ERR_MEMORY;
-    }
-    return KEYSTORE_OK;
+    return rust_keystore_encrypt_and_store_seed(rust_util_bytes(seed, seed_length), password);
 }
 
 keystore_error_t keystore_create_and_store_seed(
diff --git a/src/rust/bitbox02-rust-c/src/keystore.rs b/src/rust/bitbox02-rust-c/src/keystore.rs
@@ -0,0 +1,38 @@
+// Copyright 2025 Shift Cryptosecurity AG
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+extern crate alloc;
+use crate::util::Bytes;
+
+use bitbox02::keystore::keystore_error_t;
+use bitbox02_rust::keystore::Error;
+
+#[no_mangle]
+pub unsafe extern "C" fn rust_keystore_encrypt_and_store_seed(
+    seed: Bytes,
+    password: *const core::ffi::c_char,
+) -> u8 {
+    let password_str = core::ffi::CStr::from_ptr(password).to_str().unwrap();
+    match bitbox02_rust::keystore::encrypt_and_store_seed(seed.as_ref(), password_str) {
+        Ok(()) => 0,
+        Err(err) => match err {
+            // In C this err didn't exist and ERR_MEMORY was used.
+            Error::AlreadyInitialized => keystore_error_t::KEYSTORE_ERR_MEMORY as _,
+            Error::Memory => keystore_error_t::KEYSTORE_ERR_MEMORY as _,
+            Error::SeedSize => keystore_error_t::KEYSTORE_ERR_SEED_SIZE as _,
+            Error::SecureChip => keystore_error_t::KEYSTORE_ERR_SECURECHIP as _,
+            Error::IncorrectPassword => keystore_error_t::KEYSTORE_ERR_INCORRECT_PASSWORD as _,
+        },
+    }
+}
diff --git a/src/rust/bitbox02-rust-c/src/lib.rs b/src/rust/bitbox02-rust-c/src/lib.rs
@@ -36,6 +36,8 @@ mod p256;
 mod sha2;
 #[cfg(feature = "firmware")]
 mod workflow;
+#[cfg(feature = "firmware")]
+mod keystore;
 
 #[cfg(feature = "firmware")]
 mod der;
diff --git a/src/rust/bitbox02-rust/src/keystore.rs b/src/rust/bitbox02-rust/src/keystore.rs
@@ -51,7 +51,7 @@ fn get_and_decrypt_seed(password: &str) -> Result<zeroize::Zeroizing<Vec<u8>>, E
 
 pub fn encrypt_and_store_seed(seed: &[u8], password: &str) -> Result<(), Error> {
     if memory::is_initialized() {
-        return Err(Error::AlreadyInitialized);
+        return Err(Error::Memory);
     }
     keystore::lock();
     validate_seed_length(seed.len())?;
diff --git a/src/rust/bitbox02/src/keystore.rs b/src/rust/bitbox02/src/keystore.rs
@@ -19,7 +19,7 @@ use alloc::vec::Vec;
 
 use core::convert::TryInto;
 
-use bitbox02_sys::keystore_error_t;
+pub use bitbox02_sys::keystore_error_t;
 
 pub const BIP39_WORDLIST_LEN: u16 = bitbox02_sys::BIP39_WORDLIST_LEN as u16;
 pub const EC_PUBLIC_KEY_LEN: usize = bitbox02_sys::EC_PUBLIC_KEY_LEN as _;

Original file line number	Diff line number	Diff line change
`@@ -51,7 +51,7 @@ fn get_and_decrypt_seed(password: &str) -> Result<zeroize::Zeroizing<Vec<u8>>, E`
`51`	`51`
`52`	`52`	`pub fn encrypt_and_store_seed(seed: &[u8], password: &str) -> Result<(), Error> {`
`53`	`53`	`if memory::is_initialized() {`
`54`		`- return Err(Error::AlreadyInitialized);`
	`54`	`+ return Err(Error::Memory);`
`55`	`55`	`}`
`56`	`56`	`keystore::lock();`
`57`	`57`	`validate_seed_length(seed.len())?;`