rust: port ListBackups api call to Rust

- wrap sd_list_subdir
- use it to list and return backups
- remove C code that becomes unused

Author: benma

CHANGELOG.md

@@ -7,6 +7,9 @@ customers cannot upgrade their bootloader, its changes are recorded separately.
 ## Firmware
 
 ### [Unreleased]
+- ListBackups: ported to Rust
+
+### 9.8.0 [released 2021-10-21]
 - Multi edition: add Cardano support.
 - Allow recovery words that convert to a zero seed, such as the 12 words `abandon abandon .... about`.
 - RestoreBackup: ported to Rust. Will now return UserAbortError on user abort instead of GenericError.

messages/backup_commands.options

@@ -15,8 +15,4 @@
 * mangle_names:M_STRIP_PACKAGE
 
 CheckBackupResponse.id fixed_length:true max_size:65
-ListBackupsResponse.info max_count:50
-// One backup per seed -> 100 seeds may be backed up per SD card. Adapt this number if it is too small.
-BackupInfo.id fixed_length:true max_size:65
-BackupInfo.name fixed_length:true max_size:64
 RestoreBackupRequest.id fixed_length:true max_size:65

src/CMakeLists.txt

@@ -44,7 +44,6 @@ set(DBB-FIRMWARE-SOURCES
   ${CMAKE_SOURCE_DIR}/src/workflow/blocking.c
   ${CMAKE_SOURCE_DIR}/src/workflow/confirm.c
   ${CMAKE_SOURCE_DIR}/src/workflow/idle_workflow.c
-  ${CMAKE_SOURCE_DIR}/src/workflow/restore.c
   ${CMAKE_SOURCE_DIR}/src/workflow/orientation_screen.c
   ${CMAKE_SOURCE_DIR}/src/workflow/status.c
   ${CMAKE_SOURCE_DIR}/src/workflow/verify_recipient.c
@@ -400,6 +399,8 @@ add_custom_target(rust-bindgen
     --whitelist-function reset_reset
     --whitelist-function sd_card_inserted
     --whitelist-function sd_format
+    --whitelist-function sd_list_subdir
+    --whitelist-function sd_free_list
     --whitelist-var BIP39_WORDLIST_LEN
     --whitelist-function app_eth_params_get
     --whitelist-function app_eth_erc20_params_get

src/backup/restore.c

@@ -247,41 +247,3 @@ restore_error_t restore_from_directory(const char* dir, Backup* backup, BackupDa
     // the bits that are diverging.
     return RESTORE_OK;
 }
-
-restore_error_t restore_list_backups(ListBackupsResponse* backups)
-{
-    sd_list_t list_subdirs __attribute__((__cleanup__(sd_free_list)));
-    if (!sd_list(&list_subdirs)) {
-        return RESTORE_ERR_SD_LIST;
-    }
-    backups->info_count = 0;
-    for (size_t i = 0; i < list_subdirs.num_files; i++) {
-        if (backups->info_count >= sizeof(backups->info) / sizeof(backups->info[0])) {
-            return RESTORE_TOO_MANY;
-        }
-        char* dir = list_subdirs.files[i];
-        Backup __attribute__((__cleanup__(backup_cleanup_backup))) backup;
-        BackupData __attribute__((__cleanup__(backup_cleanup_backup_data))) backup_data;
-        if (restore_from_directory(dir, &backup, &backup_data) != RESTORE_OK) {
-            continue;
-        }
-        backups->info[backups->info_count].timestamp = backup.backup_v1.content.metadata.timestamp;
-        size_t id_size = sizeof(backups->info[backups->info_count].id);
-        int snprintf_result = snprintf(backups->info[backups->info_count].id, id_size, "%s", dir);
-        if (snprintf_result < 0 || snprintf_result >= (int)id_size) {
-            return RESTORE_ERR_SD_LIST;
-        }
-        size_t name_size = sizeof(backups->info[backups->info_count].name);
-        snprintf_result = snprintf(
-            backups->info[backups->info_count].name,
-            name_size,
-            "%s",
-            backup.backup_v1.content.metadata.name);
-        if (snprintf_result < 0 || snprintf_result >= (int)name_size) {
-            return RESTORE_ERR_SD_LIST;
-        }
-        backups->info_count++;
-    }
-
-    return RESTORE_OK;
-}

src/backup/restore.h

@@ -35,11 +35,6 @@ restore_error_t restore_from_buffer(
     Backup* backup,
     BackupData* backup_data);
 
-/**
- * Returns a list of backup information to the caller.
- */
-restore_error_t restore_list_backups(ListBackupsResponse* backups);
-
 /**
  * Restore a backup from directory.
  * @param[in] dir The directory from which we want to restore the backup.

src/commander/commander.c

@@ -29,8 +29,6 @@
 #include <util.h>
 #include <version.h>
 
-#include <workflow/restore.h>
-
 #include "hww.pb.h"
 
 #include <apps/btc/btc.h>
@@ -51,16 +49,6 @@ static void _report_error(Response* response, commander_error_t error_code)
     response->which_response = Response_error_tag;
 }
 
-// ------------------------------------ API ------------------------------------- //
-
-static commander_error_t _api_list_backups(ListBackupsResponse* response)
-{
-    if (!workflow_list_backups(response)) {
-        return COMMANDER_ERR_GENERIC;
-    }
-    return COMMANDER_OK;
-}
-
 // ------------------------------------ Process ------------------------------------- //
 
 /**
@@ -85,11 +73,9 @@ static commander_error_t _api_process(const Request* request, Response* response
     case Request_btc_sign_init_tag:
     case Request_btc_sign_input_tag:
     case Request_btc_sign_output_tag:
+        (void)response;
         return COMMANDER_ERR_DISABLED;
 #endif
-    case Request_list_backups_tag:
-        response->which_response = Response_list_backups_tag;
-        return _api_list_backups(&(response->response.list_backups));
     default:
         screen_print_debug("command unknown", 1000);
         return COMMANDER_ERR_INVALID_INPUT;

src/rust/bitbox02-rust/src/hww/api.rs

@@ -132,6 +132,7 @@ async fn process_api(request: &Request) -> Option<Result<Response, Error>> {
             Some(set_mnemonic_passphrase_enabled::process(request).await)
         }
         Request::InsertRemoveSdcard(ref request) => Some(sdcard::process(request).await),
+        Request::ListBackups(_) => Some(backup::list()),
         Request::CheckSdcard(_) => Some(Ok(Response::CheckSdcard(pb::CheckSdCardResponse {
             inserted: bitbox02::sdcard_inserted(),
         }))),

src/rust/bitbox02-rust/src/hww/api/backup.rs

@@ -15,6 +15,8 @@
 use super::Error;
 use crate::pb;
 
+use alloc::vec::Vec;
+
 use pb::response::Response;
 
 use crate::workflow::{confirm, status, unlock};
@@ -138,13 +140,31 @@ pub async fn create(
     }
 }
 
+pub fn list() -> Result<Response, Error> {
+    let mut info: Vec<pb::BackupInfo> = Vec::new();
+    for dir in bitbox02::sd::list_subdir(None)? {
+        let data = match bitbox02::backup::restore_from_directory(&dir) {
+            Ok(data) => data,
+            Err(_) => continue,
+        };
+        info.push(pb::BackupInfo {
+            id: dir,
+            timestamp: data.timestamp,
+            name: data.name,
+        })
+    }
+    Ok(Response::ListBackups(pb::ListBackupsResponse { info }))
+}
+
 #[cfg(test)]
 mod tests {
     extern crate std;
     use super::*;
 
     use crate::bb02_async::block_on;
-    use bitbox02::testing::{mock, mock_memory, mock_sd, mock_unlocked, Data, MUTEX};
+    use bitbox02::testing::{
+        mock, mock_memory, mock_sd, mock_unlocked, mock_unlocked_using_mnemonic, Data, MUTEX,
+    };
     use std::boxed::Box;
 
     /// Test backup creation on a uninitialized keystore.
@@ -174,4 +194,84 @@ mod tests {
         );
         assert_eq!(EXPECTED_TIMESTMAP, bitbox02::memory::get_seed_birthdate());
     }
+
+    #[test]
+    pub fn test_list() {
+        let _guard = MUTEX.lock().unwrap();
+        const EXPECTED_TIMESTMAP: u32 = 1601281809;
+
+        const DEVICE_NAME_1: &str = "test device name";
+        const DEVICE_NAME_2: &str = "another test device name";
+
+        mock_sd();
+
+        // No backups yet.
+        assert_eq!(
+            list(),
+            Ok(Response::ListBackups(pb::ListBackupsResponse {
+                info: vec![]
+            }))
+        );
+
+        // Create one backup.
+        mock(Data {
+            sdcard_inserted: Some(true),
+            ui_confirm_create: Some(Box::new(|_params| true)),
+            ..Default::default()
+        });
+        mock_unlocked_using_mnemonic("purity concert above invest pigeon category peace tuition hazard vivid latin since legal speak nation session onion library travel spell region blast estate stay");
+        mock_memory();
+        bitbox02::memory::set_device_name(DEVICE_NAME_1).unwrap();
+        assert!(block_on(create(&pb::CreateBackupRequest {
+            timestamp: EXPECTED_TIMESTMAP,
+            timezone_offset: 18000,
+        }))
+        .is_ok());
+
+        assert_eq!(
+            list(),
+            Ok(Response::ListBackups(pb::ListBackupsResponse {
+                info: vec![pb::BackupInfo {
+                    id: "41233dfbad010723dbbb93514b7b81016b73f8aa35c5148e1b478f60d5750dce".into(),
+                    timestamp: EXPECTED_TIMESTMAP,
+                    name: DEVICE_NAME_1.into(),
+                }]
+            }))
+        );
+
+        // Create another backup.
+        mock(Data {
+            sdcard_inserted: Some(true),
+            ui_confirm_create: Some(Box::new(|_params| true)),
+            ..Default::default()
+        });
+        mock_unlocked_using_mnemonic("goddess item rack improve shaft occur actress rib emerge salad rich blame model glare lounge stable electric height scrub scrub oyster now dinner oven");
+        mock_memory();
+        bitbox02::memory::set_device_name(DEVICE_NAME_2).unwrap();
+        assert!(block_on(create(&pb::CreateBackupRequest {
+            timestamp: EXPECTED_TIMESTMAP,
+            timezone_offset: 18000,
+        }))
+        .is_ok());
+
+        assert_eq!(
+            list(),
+            Ok(Response::ListBackups(pb::ListBackupsResponse {
+                info: vec![
+                    pb::BackupInfo {
+                        id: "41233dfbad010723dbbb93514b7b81016b73f8aa35c5148e1b478f60d5750dce"
+                            .into(),
+                        timestamp: EXPECTED_TIMESTMAP,
+                        name: DEVICE_NAME_1.into(),
+                    },
+                    pb::BackupInfo {
+                        id: "4c7005846ffc09f31850201a6fdfff084191164eb318db2c6fe5a39df4a97ba0"
+                            .into(),
+                        timestamp: EXPECTED_TIMESTMAP,
+                        name: DEVICE_NAME_2.into(),
+                    }
+                ]
+            }))
+        )
+    }
 }

src/rust/bitbox02/src/lib.rs

@@ -40,6 +40,7 @@ pub mod input;
 pub mod keystore;
 pub mod memory;
 pub mod random;
+pub mod sd;
 pub mod securechip;
 pub mod ui;
 

src/rust/bitbox02/src/memory.rs

@@ -19,6 +19,7 @@ use alloc::string::String;
 // deduct one for the null terminator.
 pub const DEVICE_NAME_MAX_LEN: usize = bitbox02_sys::MEMORY_DEVICE_NAME_MAX_LEN as usize - 1;
 
+#[derive(Debug)]
 pub struct Error;
 
 pub fn get_device_name() -> String {

src/rust/bitbox02/src/sd.rs

@@ -0,0 +1,49 @@
+// Copyright 2021 Shift Crypto AG
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+extern crate alloc;
+use alloc::string::String;
+use alloc::vec::Vec;
+
+struct SdList(bitbox02_sys::sd_list_t);
+
+impl Drop for SdList {
+    fn drop(&mut self) {
+        unsafe { bitbox02_sys::sd_free_list(&mut self.0) }
+    }
+}
+
+pub fn list_subdir(subdir: Option<&str>) -> Result<Vec<String>, ()> {
+    let mut list = SdList(bitbox02_sys::sd_list_t {
+        num_files: 0,
+        files: core::ptr::null_mut(),
+    });
+    match unsafe {
+        bitbox02_sys::sd_list_subdir(
+            &mut list.0,
+            match subdir {
+                Some(subdir) => crate::util::str_to_cstr_vec(subdir).unwrap().as_ptr(),
+                None => core::ptr::null(),
+            },
+        )
+    } {
+        true => (0..list.0.num_files)
+            .map(|i| unsafe {
+                let ptr = *list.0.files.offset(i as _) as *const u8;
+                crate::util::str_from_null_terminated_ptr(ptr).map(String::from)
+            })
+            .collect(),
+        false => Err(()),
+    }
+}

src/rust/bitbox02/src/testing.rs

@@ -49,12 +49,9 @@ pub fn mock(data: Data) {
     keystore::lock();
 }
 
-pub const TEST_MNEMONIC: &str = "purity concert above invest pigeon category peace tuition hazard vivid latin since legal speak nation session onion library travel spell region blast estate stay";
-
-/// This mocks an unlocked keystore with a fixed bip39 seed based on these bip39 recovery words:
-/// `purity concert above invest pigeon category peace tuition hazard vivid latin since legal speak nation session onion library travel spell region blast estate stay`
-pub fn mock_unlocked() {
-    let seed: [u8; 32] = keystore::bip39_mnemonic_to_seed(TEST_MNEMONIC)
+/// This mocks an unlocked keystore with the given bip39 recovery words.
+pub fn mock_unlocked_using_mnemonic(mnemonic: &str) {
+    let seed: [u8; 32] = keystore::bip39_mnemonic_to_seed(mnemonic)
         .unwrap()
         .as_slice()
         .try_into()
@@ -63,6 +60,14 @@ pub fn mock_unlocked() {
     keystore::unlock_bip39(&crate::input::SafeInputString::new()).unwrap();
 }
 
+pub const TEST_MNEMONIC: &str = "purity concert above invest pigeon category peace tuition hazard vivid latin since legal speak nation session onion library travel spell region blast estate stay";
+
+/// This mocks an unlocked keystore with a fixed bip39 seed based on these bip39 recovery words:
+/// `purity concert above invest pigeon category peace tuition hazard vivid latin since legal speak nation session onion library travel spell region blast estate stay`
+pub fn mock_unlocked() {
+    mock_unlocked_using_mnemonic(TEST_MNEMONIC)
+}
+
 /// This mounts a new FAT32 volume in RAM for use in unit tests. As there is only one volume, access only when holding `MUTEX`.
 pub fn mock_sd() {
     unsafe {