Make migration run on the trussed-staging backend

Cargo.toml

@@ -24,6 +24,7 @@ serde-indexed = "0.1.0"
 sha2 = { version = "0.10", default-features = false }
 trussed = "0.1"
 trussed-staging = { version = "0.1.0", default-features = false, optional = true }
+littlefs2 = { version = "0.4.0" }
 
 apdu-dispatch = { version = "0.1", optional = true }
 ctaphid-dispatch = { version = "0.1", optional = true }
@@ -64,7 +65,7 @@ ctaphid-dispatch = { git = "https://github.com/trussed-dev/ctaphid-dispatch.git"
 apdu-dispatch = { git = "https://github.com/trussed-dev/apdu-dispatch.git", rev = "915fc237103fcecc29d0f0b73391f19abf6576de" }
 trussed = { git = "https://github.com/nitrokey/trussed.git", rev = "907805eb84c8eb34ed99c922b24433602440ff9f" }
 littlefs2 = { git = "https://github.com/sosthene-nitrokey/littlefs2.git", rev = "99b1a9832c46c9097e73ca1fa43e119026e2068f" }
-trussed-staging = { git = "https://github.com/trussed-dev/trussed-staging", rev = "3b9594d93f89a5e760fe78fa5a96f125dfdcd470" }
+trussed-staging = { git = "https://github.com/trussed-dev/trussed-staging", rev = "f6c93e7b50813289f48cb659b39eaa3e7d274dcd" }
 serde-indexed = { git = "https://github.com/sosthene-nitrokey/serde-indexed.git", rev = "5005d23cb4ee8622e62188ea0f9466146f851f0d" }
 trussed-usbip = { git = "https://github.com/Nitrokey/pc-usbip-runner.git", tag = "v0.0.1-nitrokey.1" }
 usbd-ctaphid = { git = "https://github.com/Nitrokey/usbd-ctaphid.git", tag = "v0.1.0-nitrokey.2" }

examples/usbip.rs

@@ -40,8 +40,6 @@ impl trussed_usbip::Apps<'static, VirtClient, CoreOnly> for FidoApp {
             },
         );
 
-        fido.ensure_migration();
-
         FidoApp { fido }
     }
 

src/lib.rs

@@ -15,6 +15,8 @@
 extern crate delog;
 generate_macros!();
 
+pub use state::migration;
+
 use core::time::Duration;
 
 use trussed::{client, syscall, types::Message, Client as TrussedClient};
@@ -260,12 +262,6 @@ where
         }
     }
 
-    pub fn ensure_migration(&mut self) {
-        self.state
-            .persistent
-            .load_if_not_initialised(&mut self.trussed);
-    }
-
     fn hash(&mut self, data: &[u8]) -> Bytes<32> {
         let hash = syscall!(self.trussed.hash_sha256(data)).hash;
         hash.to_bytes().expect("hash should fit")

src/state.rs

@@ -2,7 +2,7 @@
 //!
 //! Needs cleanup.
 
-mod migration;
+pub mod migration;
 
 use core::num::NonZeroU32;
 
@@ -275,10 +275,6 @@ pub struct PersistentState {
     // TODO: Add per-key counters for resident keys.
     // counter: Option<CounterId>,
     timestamp: u32,
-    /// Does the state have all its credentials in `rk`?
-    /// If no, the credentials need migration.
-    #[serde(skip_serializing_if = "Clone::clone", default)]
-    has_migrated: bool,
 }
 
 impl Default for PersistentState {
@@ -290,8 +286,6 @@ impl Default for PersistentState {
             consecutive_pin_mismatches: 0,
             pin_hash: None,
             timestamp: 0,
-            // If no credentials where created before the migration, we can consider the migration to have happened
-            has_migrated: true,
         }
     }
 }
@@ -313,19 +307,12 @@ impl PersistentState {
 
         let data = result.unwrap().data;
 
-        let mut state: Self = trussed::cbor_deserialize(&data).map_err(|_err| {
+        let state: Self = trussed::cbor_deserialize(&data).map_err(|_err| {
             info!("err deser'ing: {_err:?}",);
             info!("{}", hex_str!(&data));
             Error::Other
         })?;
 
-        if !state.has_migrated {
-            debug!("Starting migration");
-            migration::migrate(trussed)?;
-            state.has_migrated = true;
-            state.save(trussed)?;
-        }
-
         debug!("Loaded state: {state:#?}");
 
         Ok(state)
@@ -355,7 +342,6 @@ impl PersistentState {
         self.consecutive_pin_mismatches = 0;
         self.pin_hash = None;
         self.timestamp = 0;
-        self.has_migrated = true;
         self.save(trussed)
     }