Merge branch 'master' into elf2tab

.github/workflows/cargo_fuzz.yml

@@ -30,3 +30,5 @@ jobs:
 
       - name: Cargo fuzz build
         run: cargo fuzz build
+      - name: Cargo fuzz build (libraries/cbor)
+        run: cd libraries/cbor && cargo fuzz build && cd ../..

build.rs

@@ -12,8 +12,6 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-extern crate openssl;
-
 use openssl::asn1;
 use openssl::ec;
 use openssl::nid::Nid;

examples/crypto_bench.rs

@@ -14,12 +14,10 @@
 
 #![no_std]
 
-#[macro_use]
 extern crate alloc;
-extern crate crypto;
 extern crate lang_items;
-extern crate libtock_drivers;
 
+use alloc::format;
 use alloc::vec::Vec;
 use core::fmt::Write;
 use crypto::{

examples/oom_test.rs

@@ -15,9 +15,7 @@
 #![no_std]
 
 extern crate alloc;
-extern crate crypto;
 extern crate lang_items;
-extern crate libtock_drivers;
 
 use alloc::vec::Vec;
 use core::fmt::Write;

examples/panic_test.rs

@@ -14,10 +14,7 @@
 
 #![no_std]
 
-extern crate alloc;
-extern crate crypto;
 extern crate lang_items;
-extern crate libtock_drivers;
 
 fn main() {
     panic!("Bye world!")

fuzz/Cargo.toml

@@ -13,11 +13,9 @@ libfuzzer-sys = { version = "0.3"}
 arrayref = "0.3.6"
 libtock_drivers = { path = "../third_party/libtock-drivers" }
 crypto = { path = "../libraries/crypto", features = ['std'] }
-cbor = { path = "../libraries/cbor" }
+cbor = { path = "../libraries/cbor", features = ['std'] }
-
+ctap2 = { path = "..", features = ['std', 'ram_storage'] }
-[dependencies.ctap2]
+lang_items = { path = "../third_party/lang-items", features = ['std'] }
-path = ".."
-features = ['std', 'ram_storage']
 
 # Prevent this from interfering with workspaces
 [workspace]

fuzz/fuzz_targets/fuzz_target_split_assemble.rs

@@ -1,10 +1,10 @@
 #![no_main]
 
-extern crate ctap2;
+// This explicit "extern crate" is needed to make the linker aware of the
-extern crate libtock_drivers;
+// `libtock_alloc_init` symbol.
-#[macro_use]
+extern crate lang_items;
-extern crate arrayref;
 
+use arrayref::array_ref;
 use ctap2::ctap::hid::receive::MessageAssembler;
 use ctap2::ctap::hid::send::HidPacketIterator;
 use ctap2::ctap::hid::{HidPacket, Message};

libraries/cbor/fuzz/fuzz_targets/fuzz_target_cbor.rs

@@ -1,10 +1,8 @@
 #![no_main]
-#[macro_use]
-extern crate libfuzzer_sys;
 extern crate alloc;
-extern crate cbor;
 
 use alloc::vec::Vec;
+use libfuzzer_sys::fuzz_target;
 
 fuzz_target!(|data: &[u8]| {
     if let Ok(value) = cbor::read(data) {

libraries/cbor/src/lib.rs

@@ -18,7 +18,6 @@ extern crate alloc;
 #[cfg(feature = "std")]
 extern crate core;
 
-#[macro_use]
 pub mod macros;
 pub mod reader;
 pub mod values;

libraries/cbor/src/macros.rs

@@ -38,8 +38,7 @@ use core::iter::Peekable;
 ///
 /// ```rust
 /// # extern crate alloc;
-/// # #[macro_use]
+/// # use cbor::destructure_cbor_map;
-/// # extern crate cbor;
 /// #
 /// # fn main() {
 /// #     let map = alloc::collections::BTreeMap::new();
@@ -54,8 +53,6 @@ use core::iter::Peekable;
 ///
 /// ```rust
 /// # extern crate alloc;
-/// # #[macro_use]
-/// # extern crate cbor;
 /// #
 /// # fn main() {
 /// #     let mut map = alloc::collections::BTreeMap::<cbor::KeyType, _>::new();
@@ -71,7 +68,7 @@ macro_rules! destructure_cbor_map {
         // sorted - the behavior is unspecified if the keys are not sorted.
         // Therefore, in test mode we add assertions that the keys are indeed sorted.
         #[cfg(test)]
-        assert_sorted_keys!($( $key, )+);
+        $crate::assert_sorted_keys!($( $key, )+);
 
         use $crate::values::{IntoCborKey, Value};
         use $crate::macros::destructure_cbor_map_peek_value;
@@ -144,7 +141,7 @@ macro_rules! assert_sorted_keys {
                 k2,
             );
         }
-        assert_sorted_keys!($key2, $( $keys, )*);
+        $crate::assert_sorted_keys!($key2, $( $keys, )*);
     };
 }
 
@@ -227,7 +224,7 @@ macro_rules! cbor_array_vec {
     }};
 }
 
-#[cfg(test)]
+#[macro_export]
 macro_rules! cbor_true {
     ( ) => {
         $crate::values::Value::Simple($crate::values::SimpleValue::TrueValue)
@@ -248,7 +245,7 @@ macro_rules! cbor_null {
     };
 }
 
-#[cfg(test)]
+#[macro_export]
 macro_rules! cbor_undefined {
     ( ) => {
         $crate::values::Value::Simple($crate::values::SimpleValue::Undefined)
@@ -267,28 +264,28 @@ macro_rules! cbor_bool {
 #[macro_export]
 macro_rules! cbor_unsigned {
     ( $x:expr ) => {
-        cbor_key_unsigned!($x).into()
+        $crate::cbor_key_unsigned!($x).into()
     };
 }
 
 #[macro_export]
 macro_rules! cbor_int {
     ( $x:expr ) => {
-        cbor_key_int!($x).into()
+        $crate::cbor_key_int!($x).into()
     };
 }
 
 #[macro_export]
 macro_rules! cbor_text {
     ( $x:expr ) => {
-        cbor_key_text!($x).into()
+        $crate::cbor_key_text!($x).into()
     };
 }
 
 #[macro_export]
 macro_rules! cbor_bytes {
     ( $x:expr ) => {
-        cbor_key_bytes!($x).into()
+        $crate::cbor_key_bytes!($x).into()
     };
 }
 
@@ -296,7 +293,7 @@ macro_rules! cbor_bytes {
 #[macro_export]
 macro_rules! cbor_bytes_lit {
     ( $x:expr ) => {
-        cbor_bytes!(($x as &[u8]).to_vec())
+        $crate::cbor_bytes!(($x as &[u8]).to_vec())
     };
 }
 

libraries/cbor/src/reader.rs

@@ -13,6 +13,7 @@
 // limitations under the License.
 
 use super::values::{Constants, KeyType, SimpleValue, Value};
+use crate::{cbor_array_vec, cbor_bytes_lit, cbor_map_btree, cbor_text, cbor_unsigned};
 use alloc::collections::BTreeMap;
 use alloc::str;
 use alloc::vec::Vec;
@@ -214,6 +215,10 @@ impl<'a> Reader<'a> {
 #[cfg(test)]
 mod test {
     use super::*;
+    use crate::{
+        cbor_array, cbor_bytes, cbor_false, cbor_int, cbor_map, cbor_null, cbor_true,
+        cbor_undefined,
+    };
 
     #[test]
     fn test_read_unsigned() {

libraries/cbor/src/values.rs

@@ -239,6 +239,8 @@ where
 
 #[cfg(test)]
 mod test {
+    use crate::{cbor_key_bytes, cbor_key_int, cbor_key_text};
+
     #[test]
     fn test_key_type_ordering() {
         assert!(cbor_key_int!(0) < cbor_key_int!(23));

libraries/cbor/src/writer.rs

@@ -92,6 +92,10 @@ impl<'a> Writer<'a> {
 #[cfg(test)]
 mod test {
     use super::*;
+    use crate::{
+        cbor_array, cbor_array_vec, cbor_bytes, cbor_false, cbor_int, cbor_map, cbor_null,
+        cbor_text, cbor_true, cbor_undefined,
+    };
 
     fn write_return(value: Value) -> Option<Vec<u8>> {
         let mut encoded_cbor = Vec::new();

libraries/crypto/src/aes256.rs

@@ -14,6 +14,7 @@
 
 use super::util::{xor_block_16, Block16};
 use super::{Decrypt16BytesBlock, Encrypt16BytesBlock};
+use arrayref::{array_mut_ref, array_ref};
 
 /** A portable and naive textbook implementation of AES-256 **/
 type Word = [u8; 4];

libraries/crypto/src/ec/int256.rs

@@ -13,7 +13,9 @@
 // limitations under the License.
 
 use super::super::rng256::Rng256;
+use alloc::vec;
 use alloc::vec::Vec;
+use arrayref::{array_mut_ref, array_ref};
 use byteorder::{BigEndian, ByteOrder};
 use core::ops::{Add, AddAssign, Sub, SubAssign};
 use subtle::{self, Choice, ConditionallySelectable, ConstantTimeEq};

libraries/crypto/src/ec/point.rs

@@ -16,6 +16,10 @@ use super::exponent256::ExponentP256;
 use super::gfp256::GFP256;
 use super::int256::Int256;
 use super::montgomery::Montgomery;
+#[cfg(test)]
+use arrayref::array_mut_ref;
+#[cfg(feature = "std")]
+use arrayref::array_ref;
 use core::ops::Add;
 use subtle::{Choice, ConditionallySelectable, ConstantTimeEq};
 

libraries/crypto/src/ecdsa.rs

@@ -19,7 +19,12 @@ use super::ec::point::PointP256;
 use super::hmac::hmac_256;
 use super::rng256::Rng256;
 use super::{Hash256, HashBlockSize64Bytes};
+use alloc::vec;
 use alloc::vec::Vec;
+#[cfg(feature = "std")]
+use arrayref::array_ref;
+use arrayref::{array_mut_ref, mut_array_refs};
+use cbor::{cbor_bytes, cbor_map_options};
 use core::marker::PhantomData;
 
 #[derive(Clone, PartialEq)]
@@ -349,9 +354,6 @@ mod test {
     use super::super::rng256::ThreadRng256;
     use super::super::sha256::Sha256;
     use super::*;
-    extern crate hex;
-    extern crate ring;
-    extern crate untrusted;
 
     // Run more test iterations in release mode, as the code should be faster.
     #[cfg(not(debug_assertions))]

libraries/crypto/src/hmac.rs

@@ -13,6 +13,7 @@
 // limitations under the License.
 
 use super::{Hash256, HashBlockSize64Bytes};
+use arrayref::array_ref;
 use subtle::ConstantTimeEq;
 
 const BLOCK_SIZE: usize = 64;
@@ -71,7 +72,6 @@ fn xor_pads(ipad: &mut [u8; BLOCK_SIZE], opad: &mut [u8; BLOCK_SIZE], key: &[u8]
 mod test {
     use super::super::sha256::Sha256;
     use super::*;
-    extern crate hex;
 
     #[test]
     fn test_verify_hmac_valid() {

libraries/crypto/src/lib.rs

@@ -15,14 +15,7 @@
 #![cfg_attr(not(feature = "std"), no_std)]
 #![feature(wrapping_int_impl)]
 
-#[macro_use]
 extern crate alloc;
-extern crate subtle;
-#[macro_use]
-extern crate arrayref;
-extern crate byteorder;
-#[macro_use]
-extern crate cbor;
 
 pub mod aes256;
 pub mod cbc;

libraries/crypto/src/rng256.rs

@@ -12,6 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+use arrayref::array_ref;
 use libtock_drivers::rng;
 
 // Lightweight RNG trait to generate uniformly distributed 256 bits.

libraries/crypto/src/sha256.rs

@@ -13,6 +13,7 @@
 // limitations under the License.
 
 use super::{Hash256, HashBlockSize64Bytes};
+use arrayref::{array_mut_ref, array_ref};
 use byteorder::{BigEndian, ByteOrder};
 use core::num::Wrapping;
 
@@ -210,7 +211,6 @@ impl Sha256 {
 #[cfg(test)]
 mod test {
     use super::*;
-    extern crate hex;
 
     #[test]
     fn test_choice() {

libraries/crypto/tests/aesavs.rs

@@ -15,11 +15,7 @@
 /// Test vectors for AES-ECB from NIST's validation suite.
 ///
 /// See also https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/aes/AESAVS.pdf
-#[macro_use]
+use arrayref::array_ref;
-extern crate arrayref;
-extern crate hex;
-extern crate regex;
-
 use crypto::{aes256, Decrypt16BytesBlock, Encrypt16BytesBlock};
 use regex::Regex;
 use std::fs::File;

reproducible/reference_binaries_macos-10.15.sha256sum

@@ -1,9 +1,9 @@
 c242b0237b93328eea0213411916f84e3ce631c3eea3bf56d6769ae5aa0b8d06	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840dk.bin
-7c734d21395170b977ea2cb0df1903bd7caf39a0a8113c935d1800e0932637de	target/nrf52840dk_merged.hex
+634e51405bad750c942773632c99a4d62860ef01dee1ba08e7899fdcded8e175	target/nrf52840dk_merged.hex
 259a54fae11cb8f1306051354825d19223ba4c33f3adfdb2d3e9d9efc7229302	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_dongle.bin
-d0b4c27f419e0bf412437211e0baa4e80c8de90bff384ee2a761d208b767f579	target/nrf52840_dongle_merged.hex
+ba73e815c4ae55f49fb0e4275941903930893daebe70800bc39f24a34d0a8adb	target/nrf52840_dongle_merged.hex
 49d647374a1448c9c3107758b6e0a1cabdf008c3e53524a3b047a16c27b8af29	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_dongle_dfu.bin
-12a2966faa2d3949e195026397f4d3c68c87b48ffb43e26333b673377e7225c2	target/nrf52840_dongle_dfu_merged.hex
+9d6b24b67dcd588c6572b491bae673e309bcbe8962497946232a554b5dc08ba5	target/nrf52840_dongle_dfu_merged.hex
 06a38a0d6d356145467a73c765e28a945878f663664016f888393207097bfe10	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_mdk_dfu.bin
-93c0af94d9bc497edd07c0cdf9c19a2bef288d299cd0fc91e6133fe0097e72dc	target/nrf52840_mdk_dfu_merged.hex
+f3ed663311204ac709ed05dfb3d09ff283c3df7dbc5480ad3ec050523b0a2ed2	target/nrf52840_mdk_dfu_merged.hex
-d16de1ade1c747deae9be7a4a33da57a525cb8d6dbad876afe6ad0714f2b9088	target/tab/ctap2.tab
+a2ee6798d20da62ed2c3ea7164620253d4b2319a3ed2f2dbc2973c1a5dd838a9	target/tab/ctap2.tab

reproducible/reference_binaries_ubuntu-18.04.sha256sum

@@ -1,9 +1,9 @@
 dab66677002854f6abfb1745d24d1c9e4e93c9bba286b14024e42cb8f2b99b9a	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840dk.bin
-d2dac96ab8fb17e66e7539e071e6f5c10b462803c15e952da996072376856b57	target/nrf52840dk_merged.hex
+0bf90b63f0bbd8f8615735bb938dea256911bf68758bce3417f96a241e6462fe	target/nrf52840dk_merged.hex
 70cf9f6c1d6b2149c1ca88664073a92e092215faaf551310f8bfd8e171d3d3a1	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_dongle.bin
-0473486da4acc0c6d8adc5ba697cc29ef45ba0a2341f46bbc09e711d540e0b15	target/nrf52840_dongle_merged.hex
+1acdc5f11e88b48d0fdb3b61f935be0627217fc4b6c688f43c05cdb11385579e	target/nrf52840_dongle_merged.hex
 f550b6493c8cd401d191306510de50ddd6d4c709dcf90ea1bd3a9f1bcffd11b5	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_dongle_dfu.bin
-8dc4c3c5d426b781295012b117d69ff9c092302b5cde7fe97782e5708e2f7270	target/nrf52840_dongle_dfu_merged.hex
+3b16c7d025c27530df5eb9c1c200e3d832c1531351e7601634c5dac6bd144935	target/nrf52840_dongle_dfu_merged.hex
 1baaf518a74c6077cb936d9cf178b6dd0232e7562fa56174886b05b77886cc32	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_mdk_dfu.bin
-b9ef7c68029b3c4e72749912a4a8cce89d08b96bc24d2082dcc7275718313c3d	target/nrf52840_mdk_dfu_merged.hex
+39c94b1dd8e65438d481835663c4ec2cda99311011031403c9244ed5095230c7	target/nrf52840_mdk_dfu_merged.hex
-cbfa52e5e1dbdf7f6528e1dafdae74b18ee755c66bed533e2124d48923594fdd	target/tab/ctap2.tab
+b02eb9439df1f8a3c21eb29f39c3b72c0f709b05a4e8a968441e73678cfb55df	target/tab/ctap2.tab

reproducible/reference_elf2tab_macos-10.15.txt

@@ -6,8 +6,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 187312 (0x2dbb0) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187280 (0x2db90) bytes.
-  Adding .stack section. Offset: 187440 (0x2dc30). Length: 16384 (0x4000) bytes.
+  Adding .stack section. Offset: 187408 (0x2dc10). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2
@@ -30,8 +30,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 187312 (0x2dbb0) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187280 (0x2db90) bytes.
-  Adding .stack section. Offset: 187440 (0x2dc30). Length: 16384 (0x4000) bytes.
+  Adding .stack section. Offset: 187408 (0x2dc10). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2
@@ -54,8 +54,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 187312 (0x2dbb0) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187280 (0x2db90) bytes.
-  Adding .stack section. Offset: 187440 (0x2dc30). Length: 16384 (0x4000) bytes.
+  Adding .stack section. Offset: 187408 (0x2dc10). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2
@@ -78,8 +78,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 187312 (0x2dbb0) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187280 (0x2db90) bytes.
-  Adding .stack section. Offset: 187440 (0x2dc30). Length: 16384 (0x4000) bytes.
+  Adding .stack section. Offset: 187408 (0x2dc10). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2

reproducible/reference_elf2tab_ubuntu-18.04.txt

@@ -6,8 +6,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 187280 (0x2db90) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187264 (0x2db80) bytes.
-  Adding .stack section. Offset: 187408 (0x2dc10). Length: 16384 (0x4000) bytes.
+  Adding .stack section. Offset: 187392 (0x2dc00). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2
@@ -30,8 +30,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 187280 (0x2db90) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187264 (0x2db80) bytes.
-  Adding .stack section. Offset: 187408 (0x2dc10). Length: 16384 (0x4000) bytes.
+  Adding .stack section. Offset: 187392 (0x2dc00). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2
@@ -54,8 +54,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 187280 (0x2db90) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187264 (0x2db80) bytes.
-  Adding .stack section. Offset: 187408 (0x2dc10). Length: 16384 (0x4000) bytes.
+  Adding .stack section. Offset: 187392 (0x2dc00). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2
@@ -78,8 +78,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 187280 (0x2db90) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187264 (0x2db80) bytes.
-  Adding .stack section. Offset: 187408 (0x2dc10). Length: 16384 (0x4000) bytes.
+  Adding .stack section. Offset: 187392 (0x2dc00). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2

run_desktop_tests.sh

@@ -49,6 +49,12 @@ cargo check --release --target=thumbv7em-none-eabi --features debug_ctap,with_ct
 echo "Checking that examples build properly..."
 cargo check --release --target=thumbv7em-none-eabi --examples
 
+echo "Checking that fuzz targets build properly..."
+cargo fuzz build
+cd libraries/cbor
+cargo fuzz build
+cd ../..
+
 echo "Checking that CTAP2 builds and links properly (1 set of features)..."
 cargo build --release --target=thumbv7em-none-eabi --features with_ctap1
 ./third_party/tock/tools/sha256sum/target/debug/sha256sum target/thumbv7em-none-eabi/release/ctap2

src/ctap/command.rs

@@ -21,6 +21,7 @@ use super::data_formats::{
 use super::status_code::Ctap2StatusCode;
 use alloc::string::String;
 use alloc::vec::Vec;
+use cbor::destructure_cbor_map;
 use core::convert::TryFrom;
 
 // Depending on your memory, you can use Some(n) to limit request sizes in
@@ -383,6 +384,7 @@ mod test {
     use super::super::ES256_CRED_PARAM;
     use super::*;
     use alloc::collections::BTreeMap;
+    use cbor::{cbor_array, cbor_map};
 
     #[test]
     fn test_from_cbor_make_credential_parameters() {

src/ctap/ctap1.rs

@@ -17,6 +17,7 @@ use super::key_material::{ATTESTATION_CERTIFICATE, ATTESTATION_PRIVATE_KEY};
 use super::status_code::Ctap2StatusCode;
 use super::CtapState;
 use alloc::vec::Vec;
+use arrayref::array_ref;
 use core::convert::Into;
 use core::convert::TryFrom;
 use crypto::rng256::Rng256;

src/ctap/data_formats.rs

@@ -16,6 +16,8 @@ use super::status_code::Ctap2StatusCode;
 use alloc::collections::BTreeMap;
 use alloc::string::String;
 use alloc::vec::Vec;
+use arrayref::array_ref;
+use cbor::{cbor_array_vec, cbor_bytes_lit, cbor_map_options, destructure_cbor_map};
 use core::convert::TryFrom;
 use crypto::{ecdh, ecdsa};
 #[cfg(test)]
@@ -800,6 +802,10 @@ mod test {
     use self::Ctap2StatusCode::CTAP2_ERR_CBOR_UNEXPECTED_TYPE;
     use super::*;
     use alloc::collections::BTreeMap;
+    use cbor::{
+        cbor_array, cbor_bool, cbor_bytes, cbor_false, cbor_int, cbor_map, cbor_null, cbor_text,
+        cbor_unsigned,
+    };
     use crypto::rng256::{Rng256, ThreadRng256};
 
     #[test]

src/ctap/hid/mod.rs

@@ -22,7 +22,9 @@ use super::ctap1;
 use super::status_code::Ctap2StatusCode;
 use super::timed_permission::TimedPermission;
 use super::CtapState;
+use alloc::vec;
 use alloc::vec::Vec;
+use arrayref::{array_ref, array_refs};
 #[cfg(feature = "debug_ctap")]
 use core::fmt::Write;
 use crypto::rng256::Rng256;

src/ctap/mod.rs

@@ -51,8 +51,11 @@ use self::storage::PersistentStore;
 use self::timed_permission::U2fUserPresenceState;
 use alloc::collections::BTreeMap;
 use alloc::string::{String, ToString};
+use alloc::vec;
 use alloc::vec::Vec;
+use arrayref::array_ref;
 use byteorder::{BigEndian, ByteOrder};
+use cbor::{cbor_map, cbor_map_options};
 #[cfg(feature = "debug_ctap")]
 use core::fmt::Write;
 use crypto::cbc::{cbc_decrypt, cbc_encrypt};

src/ctap/pin_protocol_v1.rs

@@ -19,7 +19,10 @@ use super::status_code::Ctap2StatusCode;
 use super::storage::PersistentStore;
 #[cfg(feature = "with_ctap2_1")]
 use alloc::string::String;
+#[cfg(feature = "with_ctap2_1")]
+use alloc::vec;
 use alloc::vec::Vec;
+use arrayref::array_ref;
 use core::convert::TryInto;
 use crypto::cbc::{cbc_decrypt, cbc_encrypt};
 use crypto::hmac::{hmac_256, verify_hmac_256_first_128bits};
@@ -635,6 +638,7 @@ impl PinProtocolV1 {
 #[cfg(test)]
 mod test {
     use super::*;
+    use arrayref::array_refs;
     use crypto::rng256::ThreadRng256;
 
     // Stores a PIN hash corresponding to the dummy PIN "1234".

src/ctap/response.rs

@@ -21,6 +21,7 @@ use super::data_formats::{
 use alloc::collections::BTreeMap;
 use alloc::string::String;
 use alloc::vec::Vec;
+use cbor::{cbor_array_vec, cbor_bool, cbor_map_btree, cbor_map_options, cbor_text};
 
 #[cfg_attr(test, derive(PartialEq))]
 #[cfg_attr(any(test, feature = "debug_ctap"), derive(Debug))]
@@ -236,6 +237,7 @@ mod test {
     #[cfg(feature = "with_ctap2_1")]
     use super::super::ES256_CRED_PARAM;
     use super::*;
+    use cbor::{cbor_bytes, cbor_map};
 
     #[test]
     fn test_make_credential_into_cbor() {

src/ctap/storage.rs

@@ -20,7 +20,12 @@ use crate::ctap::status_code::Ctap2StatusCode;
 use crate::ctap::{key_material, USE_BATCH_ATTESTATION};
 use crate::embedded_flash::{self, StoreConfig, StoreEntry, StoreError};
 use alloc::string::String;
+#[cfg(any(test, feature = "ram_storage", feature = "with_ctap2_1"))]
+use alloc::vec;
 use alloc::vec::Vec;
+use arrayref::array_ref;
+#[cfg(feature = "with_ctap2_1")]
+use cbor::cbor_array_vec;
 use core::convert::TryInto;
 use crypto::rng256::Rng256;
 

src/embedded_flash/buffer.rs

@@ -14,6 +14,7 @@
 
 use super::{Index, Storage, StorageError, StorageResult};
 use alloc::boxed::Box;
+use alloc::vec;
 
 pub struct BufferStorage {
     storage: Box<[u8]>,

src/embedded_flash/store/format.rs

@@ -14,6 +14,7 @@
 
 use super::super::{Index, Storage};
 use super::{bitfield, StoreConfig, StoreEntry, StoreError};
+use alloc::vec;
 use alloc::vec::Vec;
 
 /// Whether a user entry is a replace entry.

src/embedded_flash/store/mod.rs

@@ -169,6 +169,7 @@ use crate::embedded_flash::BufferStorage;
 #[cfg(any(test, feature = "ram_storage"))]
 use alloc::boxed::Box;
 use alloc::collections::BTreeMap;
+use alloc::vec;
 use alloc::vec::Vec;
 
 /// Configures a store.

src/lib.rs

@@ -14,15 +14,7 @@
 
 #![cfg_attr(not(feature = "std"), no_std)]
 
-#[macro_use]
 extern crate alloc;
-#[macro_use]
-extern crate arrayref;
-#[macro_use]
-extern crate cbor;
-extern crate lang_items;
-extern crate libtock_core;
-extern crate libtock_drivers;
 
 pub mod ctap;
 pub mod embedded_flash;

src/main.rs

@@ -14,18 +14,10 @@
 
 #![cfg_attr(not(feature = "std"), no_std)]
 
-#[macro_use]
 extern crate alloc;
-#[macro_use]
-extern crate arrayref;
-extern crate byteorder;
 #[cfg(feature = "std")]
 extern crate core;
-extern crate ctap2;
+extern crate lang_items;
-extern crate subtle;
-#[macro_use]
-extern crate cbor;
-extern crate crypto;
 
 mod ctap;
 pub mod embedded_flash;

update_hashes.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+set -eux
+
+mkdir -p tmp
+
+for OS in macos-10.15 ubuntu-18.04
+do
+  unzip reproduced-$OS.zip -d tmp/reproduced-$OS/
+  tar -C tmp/reproduced-$OS/ -xvf tmp/reproduced-$OS/reproduced.tar
+  cp tmp/reproduced-$OS/reproducible/binaries.sha256sum reproducible/reference_binaries_$OS.sha256sum
+  cp tmp/reproduced-$OS/reproducible/elf2tab.txt reproducible/reference_elf2tab_$OS.txt
+done
+
+rm -R tmp