foundation-ur 0.4.0

Implementation of Blockchain Common's Uniform Resources (UR) standard, with static memory allocation for embedded devices while also allowing to use dynamic memory allocation for platforms with more resources.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349

// SPDX-FileCopyrightText: © 2023 Foundation Devices, Inc. <hello@foundationdevices.com>
// SPDX-FileCopyrightText: © 2020 Dominik Spicher <dominikspicher@gmail.com>
// SPDX-License-Identifier: MIT

//! Parts.

use core::{fmt, ops::DerefMut};

use crate::{
    bytewords,
    collections::Set,
    fountain::{chooser, chooser::BaseFragmentChooser, util::xor_into},
};

/// Description of how a message is split into parts.
///
/// This structure is a subset of the information of a [`Part`].
#[derive(Debug, Clone, PartialEq, Eq, Hash)]
pub struct MessageDescription {
    /// The total sequence count.
    pub sequence_count: u32,
    /// The total message length, in bytes, excluding the padding bytes size.
    pub message_length: usize,
    /// The CRC32 checksum of the entire message.
    pub checksum: u32,
    /// The length of a single fragment.
    pub fragment_length: usize,
}

/// A part emitted by a fountain [encoder](crate::fountain::BaseEncoder).
///
/// Most commonly, this is obtained by calling [`next_part`] on the encoder.
///
/// [`next_part`]: crate::fountain::BaseEncoder::next_part
#[derive(Clone, Debug, PartialEq, Eq)]
#[cfg_attr(feature = "arbitrary", derive(arbitrary::Arbitrary))]
pub struct Part<'a> {
    /// The sequence number of this part. Can be higher than
    /// [`sequence_count`](Self::sequence_count).
    pub sequence: u32,
    /// The total sequence count of the entire message.
    pub sequence_count: u32,
    /// The total message length, in bytes, excluding the padding bytes size.
    pub message_length: usize,
    /// The CRC32 checksum of the entire message.
    pub checksum: u32,
    /// The data of this part.
    ///
    /// If [`sequence`](Self::sequence), is higher than
    /// [`sequence_count`](Self::sequence_count) it's very likely that the data
    /// data contained is mixed, however there may be some cases where the
    /// former is true and this is a "simple part".
    pub data: &'a [u8],
}

impl<'a> Part<'a> {
    /// Returns `true` if this part is valid.
    ///
    /// Verifies that:
    ///
    /// - `sequence`, `sequence_count` are positive values.
    /// - `message_length` is a positive value and is .
    /// - `data` contains data and is smaller or equal to `message_length`.
    pub fn is_valid(&self) -> bool {
        self.sequence > 0
            && self.sequence_count > 0
            && self.message_length > 0
            && !self.data.is_empty()
            && self.data.len() <= self.message_length
    }

    /// Calculate the indexes contained on this [`Part`].
    ///
    /// **Note:** this is a costly operating that can take a lot of memory in
    /// the stack or the heap depending on the
    /// [fragment chooser types](chooser::Types) used.
    pub fn indexes<C, I>(&self) -> I
    where
        C: chooser::Types,
        I: Set<usize>,
    {
        BaseFragmentChooser::<C>::default().choose_fragments(
            self.sequence,
            self.sequence_count,
            self.checksum,
        )
    }

    /// Returns the maximum length that an encoded `Part` can have excluding
    /// the `data` contents.
    pub const fn max_encoded_len() -> usize {
        #[rustfmt::skip]
        const MAX_CBOR: &[u8] = &[
            0x85,                                                     // array(5)
                0x1A, 0xFF, 0xFF, 0xFF, 0xFF,                         // unsigned(0xFFFFFFF)
                0x1B, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, // unsigned(0xFFFFFFFFFFFFFFFF)
                0x1B, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, // unsigned(0xFFFFFFFFFFFFFFFF)
                0x1A, 0xFF, 0xFF, 0xFF, 0xFF,                         // unsigned(0xFFFFFFF)
                0x5B, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, // bytes(0xFFFFFFFFFFFFFFFF)
        ];

        MAX_CBOR.len()
    }

    /// Convert this [`Part`] to a [`MessageDescription`].
    pub fn to_message_description(&self) -> MessageDescription {
        MessageDescription {
            sequence_count: self.sequence_count,
            message_length: self.message_length,
            checksum: self.checksum,
            fragment_length: self.data.len(),
        }
    }
}

/// Display this [`Part`] as encoded bytewords.
impl<'a> fmt::Display for Part<'a> {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        // Use custom minicbor writer that writes directly to `Formatter` instead of
        // using an intermediate buffer, so CBOR is directly encoded as bytewords.
        let mut encoder = minicbor::Encoder::new(bytewords::minicbor::Writer::new(f));
        encoder.encode(self).map_err(|_| fmt::Error)?;

        // Call finish to write CRC32 at the end.
        encoder.into_writer().finish()?;

        Ok(())
    }
}

impl<'a> PartialEq<MessageDescription> for Part<'a> {
    fn eq(&self, other: &MessageDescription) -> bool {
        self.sequence_count == other.sequence_count
            && self.message_length == other.message_length
            && self.checksum == other.checksum
            && self.data.len() == other.fragment_length
    }
}

/// Encodes [`Part`] to it's CBOR representation.
impl<'a, C> minicbor::Encode<C> for Part<'a> {
    fn encode<W: minicbor::encode::Write>(
        &self,
        e: &mut minicbor::Encoder<W>,
        _ctx: &mut C,
    ) -> Result<(), minicbor::encode::Error<W::Error>> {
        e.array(5)?
            .u32(self.sequence)?
            .u64(u64::from(self.sequence_count))?
            .u64(
                self.message_length
                    .try_into()
                    .map_err(|_| minicbor::encode::Error::message("expected u64"))?,
            )?
            .u32(self.checksum)?
            .bytes(self.data)?;

        Ok(())
    }
}

/// Decodes [`Part`] from it's CBOR representation.
impl<'b, C> minicbor::Decode<'b, C> for Part<'b> {
    fn decode(
        d: &mut minicbor::Decoder<'b>,
        _ctx: &mut C,
    ) -> Result<Self, minicbor::decode::Error> {
        if !matches!(d.array()?, Some(5)) {
            return Err(minicbor::decode::Error::message(
                "invalid CBOR array length",
            ));
        }

        Ok(Self {
            sequence: d.u32()?,
            sequence_count: d.u32()?,
            message_length: d
                .u32()?
                .try_into()
                .map_err(|_| minicbor::decode::Error::message("expected usize"))?,
            checksum: d.u32()?,
            data: d.bytes()?,
        })
    }
}

/// A part with the indexes of the simple parts mixed.
#[derive(Debug, Clone)]
pub struct IndexedPart<D, I> {
    /// The data of this part.
    pub data: D,
    /// The indexes contained in this part.
    pub indexes: I,
}

impl<D, I> IndexedPart<D, I> {
    /// Create a new [`IndexedPart`] from `data` and the indexes of the parts
    /// mixed in `data`.
    pub fn new(data: D, indexes: I) -> Self {
        Self { data, indexes }
    }

    /// Returns `true` if the part is simple.
    ///
    /// A part is simple if it only contains a single mixed, e.g: the data is
    /// already decoded (or unmixed).
    #[inline]
    pub fn is_simple(&self) -> bool
    where
        I: Set<usize>,
    {
        self.indexes.len() == 1
    }

    /// Reduce this part by another part.
    ///
    /// # Panics
    ///
    /// This function panics if this part is already simple.
    pub fn reduce(&mut self, part: &IndexedPart<D, I>)
    where
        D: DerefMut<Target = [u8]>,
        I: Set<usize>,
    {
        if self.indexes.len() == 1 {
            return;
        }

        if part.indexes.is_subset(&self.indexes) {
            self.indexes = self.indexes.sub(&part.indexes);
            xor_into(&mut self.data, &part.data);
        }
    }

    /// Reduce this part by a simple part.
    ///
    /// # Panics
    ///
    /// This function panics if this part is already simple.
    pub fn reduce_by_simple(&mut self, data: &[u8], index: usize)
    where
        D: DerefMut<Target = [u8]>,
        I: Set<usize>,
    {
        assert!(self.indexes.len() > 1, "cannot reduce a simple part");

        if self.indexes.contains(&index) {
            self.indexes.remove(&index);
            xor_into(&mut self.data, data);
        }
    }
}

#[cfg(test)]
pub mod tests {
    use super::*;

    #[test]
    #[cfg(feature = "alloc")]
    fn test_part_cbor_roundtrip() {
        const PART: Part = Part {
            sequence: 12,
            sequence_count: 8,
            message_length: 100,
            checksum: 0x1234_5678,
            data: &[1, 5, 3, 3, 5],
        };

        let mut cbor = alloc::vec::Vec::new();
        minicbor::encode(&PART, &mut cbor).unwrap();

        let part2: Part = minicbor::decode(&cbor).unwrap();
        assert_eq!(part2, PART);

        let mut cbor2 = alloc::vec::Vec::new();
        minicbor::encode(&part2, &mut cbor2).unwrap();
        assert_eq!(cbor, cbor2);
    }

    #[test]
    fn test_part_cbor_decode() {
        // 0x18 is the first byte value that doesn't directly encode a u8,
        // but implies a following value
        assert!(minicbor::decode::<'_, Part>(&[0x18]).is_err());
        // the top-level item must be an array
        assert!(minicbor::decode::<'_, Part>(&[0x1]).is_err());
        // the array must be of length five
        assert!(minicbor::decode::<'_, Part>(&[0x84, 0x1, 0x2, 0x3, 0x4]).is_err());
        assert!(minicbor::decode::<'_, Part>(&[0x86, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6]).is_err());
        // the first item must be an unsigned integer
        assert!(
            minicbor::decode::<'_, Part>(&[0x85, 0x41, 0x1, 0x2, 0x3, 0x4, 0x41, 0x1]).is_err()
        );
        // the second item must be an unsigned integer
        assert!(
            minicbor::decode::<'_, Part>(&[0x85, 0x1, 0x41, 0x2, 0x3, 0x4, 0x41, 0x1]).is_err()
        );
        // the third item must be an unsigned integer
        assert!(
            minicbor::decode::<'_, Part>(&[0x85, 0x1, 0x2, 0x41, 0x3, 0x4, 0x41, 0x1]).is_err()
        );
        // the fourth item must be an unsigned integer
        assert!(
            minicbor::decode::<'_, Part>(&[0x85, 0x1, 0x2, 0x3, 0x41, 0x4, 0x41, 0x1]).is_err()
        );
        // the fifth item must be byte string
        assert!(minicbor::decode::<'_, Part>(&[0x85, 0x1, 0x2, 0x3, 0x4, 0x5]).is_err());
        assert!(minicbor::decode::<'_, Part>(&[0x85, 0x1, 0x2, 0x3, 0x4, 0x5]).is_err());
        minicbor::decode::<'_, Part>(&[0x85, 0x1, 0x2, 0x3, 0x4, 0x41, 0x5]).unwrap();
    }

    #[test]
    fn test_part_cbor_decode_unsigned_types() {
        // u8
        minicbor::decode::<'_, Part>(&[0x85, 0x1, 0x2, 0x3, 0x4, 0x41, 0x5]).unwrap();
        // u16
        minicbor::decode::<'_, Part>(&[
            0x85, 0x19, 0x1, 0x2, 0x19, 0x3, 0x4, 0x19, 0x5, 0x6, 0x19, 0x7, 0x8, 0x41, 0x5,
        ])
        .unwrap();
        // u32
        minicbor::decode::<'_, Part>(&[
            0x85, 0x1a, 0x1, 0x2, 0x3, 0x4, 0x1a, 0x5, 0x6, 0x7, 0x8, 0x1a, 0x9, 0x10, 0x11, 0x12,
            0x1a, 0x13, 0x14, 0x15, 0x16, 0x41, 0x5,
        ])
        .unwrap();
        // u64
        assert!(minicbor::decode::<'_, Part>(&[
            0x85, 0x1b, 0x1, 0x2, 0x3, 0x4, 0xa, 0xb, 0xc, 0xd, 0x1a, 0x5, 0x6, 0x7, 0x8, 0x1a,
            0x9, 0x10, 0x11, 0x12, 0x1a, 0x13, 0x14, 0x15, 0x16, 0x41, 0x5,
        ])
        .is_err());
        assert!(minicbor::decode::<'_, Part>(&[
            0x85, 0x1a, 0x1, 0x2, 0x3, 0x4, 0x1b, 0x5, 0x6, 0x7, 0x8, 0xa, 0xb, 0xc, 0xd, 0x1a,
            0x9, 0x10, 0x11, 0x12, 0x1a, 0x13, 0x14, 0x15, 0x16, 0x41, 0x5,
        ])
        .is_err());
        assert!(minicbor::decode::<'_, Part>(&[
            0x85, 0x1a, 0x1, 0x2, 0x3, 0x4, 0x1a, 0x5, 0x6, 0x7, 0x8, 0x1b, 0x9, 0x10, 0x11, 0x12,
            0xa, 0xb, 0xc, 0xd, 0x1a, 0x13, 0x14, 0x15, 0x16, 0x41, 0x5,
        ])
        .is_err());
        assert!(minicbor::decode::<'_, Part>(&[
            0x85, 0x1a, 0x1, 0x2, 0x3, 0x4, 0x1a, 0x5, 0x6, 0x7, 0x8, 0x1a, 0x9, 0x10, 0x11, 0x12,
            0x1b, 0x13, 0x14, 0x15, 0x16, 0xa, 0xb, 0xc, 0xd, 0x41, 0x5,
        ])
        .is_err());
    }
}