Expose ZIP 32 arbitrary key derivation

[str4d]

Note
This code review checklist is intended to serve as a starting point for the author and reviewer, although it may not be appropriate for all types of changes (e.g. fixing a spelling typo in documentation). For more in-depth discussion of how we think about code review, please see Code Review Guidelines.

Author

• Self-review your own code in GitHub's web interface¹
• Add automated tests as appropriate
• Update the manual tests² as appropriate
• Check the code coverage³ report for the automated tests
• Update documentation as appropriate (e.g README.md, Architecture.md, etc.)
• Run the demo app and try the changes
• Pull in the latest changes from the main branch and squash your commits before assigning a reviewer⁴

Reviewer

• Check the code with the Code Review Guidelines checklist
• Perform an ad hoc review⁵
• Review the automated tests
• Review the manual tests
• Review the documentation, README.md, Architecture.md, etc. as appropriate
• Run the demo app and try the changes⁶

Footnotes

1. Code often looks different when reviewing the diff in a browser, making it easier to spot potential bugs. ↩

2. While we aim for automated testing of the SDK, some aspects require manual testing. If you had to manually test
   something during development of this pull request, write those steps down. ↩

3. While we are not looking for perfect coverage, the tool can point out potential cases that have been missed. Code coverage can be generated with: ./gradlew check for Kotlin modules and ./gradlew connectedCheck -PIS_ANDROID_INSTRUMENTATION_TEST_COVERAGE_ENABLED=true for Android modules. ↩

4. Having your code up to date and squashed will make it easier for others to review. Use best judgement when squashing commits, as some changes (such as refactoring) might be easier to review as a separate commit. ↩

5. In addition to a first pass using the code review guidelines, do a second pass using your best judgement and experience which may identify additional questions or comments. Research shows that code review is most effective when done in multiple passes, where reviewers look for different things through each pass. ↩

6. While the CI server runs the demo app to look for build failures or crashes, humans running the demo app are
   more likely to notice unexpected log messages, UI inconsistencies, or bad output data. Perform this step last, after verifying the code changes are safe to run locally. ↩

[HonzaR]

The proposed changes look good to me. We'll prepare tests to ensure the new APIs return expected values.

[nuttycom]

utACK 968afa4

[daira]

If failing to meet this requirement can cause a panic, it must also be documented at this layer.

[str4d]

A Rust panic becomes a RuntimeException on the Android side, so there's no panic exposed in the public API.

[daira]

Does that need to be documented at the RustDerivationTool layer?

[daira]

If failing to meet this requirement can cause a panic, it must also be documented at this layer.

[daira]

If failing to meet this requirement can cause a panic, it must also be documented at this layer.

[daira]

utACK with blocking comments.