rust: remove custom CStr type in favor of core::ffi::CStr

core::ffi::CStr was added to core in Rust 1.64.0, so we can remove our
custom CStr type to convert C strings into Rust strings. There was
only one use left in the U2F registration/authentication confirmation screen.

Author: benma

src/rust/bitbox02-rust-c/src/util.rs

@@ -100,40 +100,6 @@ impl AsMut<[u8]> for BytesMut {
     }
 }
 
-/// CStr is a null-terminated string. Null pointers are interpreted as empty strings.
-#[repr(C)]
-pub struct CStr {
-    buf: *const c_char,
-    len: usize,
-}
-
-impl CStr {
-    /// Create a CStr from a null-terminated string or null pointer. Unsafe because it will read
-    /// until it finds a null character.
-    pub unsafe fn new(buf: *const c_char) -> Self {
-        if buf.is_null() {
-            CStr {
-                buf: core::ptr::NonNull::dangling().as_ptr(),
-                len: 0,
-            }
-        } else {
-            let mut len = 0;
-            let mut b = buf;
-            while b.read() != 0 {
-                len += 1;
-                b = b.offset(1);
-            }
-            CStr { buf, len }
-        }
-    }
-}
-
-impl AsRef<str> for CStr {
-    fn as_ref(&self) -> &str {
-        unsafe { core::str::from_utf8_unchecked(core::slice::from_raw_parts(self.buf, self.len)) }
-    }
-}
-
 /// CStrMut is a "growable" container which keeps track of some array allocated by C with a length
 /// and a capacity state. It always contains a null-terminated string. The string (excluding null
 /// terminator) can therefore be maximally `capacity-1` long.
@@ -245,14 +211,6 @@ pub unsafe extern "C" fn rust_util_bytes_mut(buf: *mut c_uchar, len: usize) -> B
     BytesMut { buf, len }
 }
 
-/// Convert buffer to str.
-///
-/// * `buf` - Must be a valid pointer to a null terminated array of bytes.
-#[no_mangle]
-pub unsafe extern "C" fn rust_util_cstr(buf: *const c_char) -> CStr {
-    CStr::new(buf)
-}
-
 /// Convert buffer to mutable str. The whole buffer is considered empty from start.
 ///
 /// * `buf` - Must be a valid pointer to an array of bytes
@@ -301,17 +259,6 @@ mod tests {
         rust_util_zero(unsafe { rust_util_bytes_mut(core::ptr::null_mut(), 0) });
     }
 
-    #[test]
-    fn test_rust_util_cstr() {
-        let cstr = unsafe { rust_util_cstr(b"\0".as_ptr()) };
-        assert_eq!(cstr.as_ref(), "");
-        assert_eq!(cstr.len, 0);
-
-        let cstr = unsafe { rust_util_cstr(b"foo\0bar".as_ptr()) };
-        assert_eq!(cstr.as_ref(), "foo");
-        assert_eq!(cstr.len, 3);
-    }
-
     #[test]
     #[should_panic]
     fn create_invalid_bytes_mut() {

src/rust/bitbox02-rust-c/src/workflow.rs

@@ -44,12 +44,11 @@ pub unsafe extern "C" fn rust_workflow_spawn_unlock() {
 
 #[no_mangle]
 pub unsafe extern "C" fn rust_workflow_spawn_confirm(
-    title: crate::util::CStr,
-    body: crate::util::CStr,
+    title: *const core::ffi::c_char,
+    body: *const core::ffi::c_char,
 ) {
-    CONFIRM_TITLE = Some(title.as_ref().into());
-    CONFIRM_BODY = Some(body.as_ref().into());
-
+    CONFIRM_TITLE = Some(core::ffi::CStr::from_ptr(title).to_str().unwrap().into());
+    CONFIRM_BODY = Some(core::ffi::CStr::from_ptr(body).to_str().unwrap().into());
     CONFIRM_PARAMS = Some(confirm::Params {
         title: CONFIRM_TITLE.as_ref().unwrap(),
         body: CONFIRM_BODY.as_ref().unwrap(),

src/u2f/u2f_app.c

@@ -213,7 +213,7 @@ void u2f_app_confirm_start(enum u2f_app_confirm_t type, const uint8_t* app_id)
     }
     _state.outstanding_confirm = type;
     memcpy(_state.app_id, app_id, 32);
-    rust_workflow_spawn_confirm(rust_util_cstr(title), rust_util_cstr(app_string));
+    rust_workflow_spawn_confirm(title, app_string);
 }
 
 async_op_result_t u2f_app_confirm_retry(enum u2f_app_confirm_t type, const uint8_t* app_id)