Skip to content

Commit

Permalink
wip: fix: serialization
Browse files Browse the repository at this point in the history
  • Loading branch information
tbrezot committed Feb 1, 2024
1 parent 0c05ea1 commit 53bfe7b
Show file tree
Hide file tree
Showing 31 changed files with 1,623 additions and 1,815 deletions.
3 changes: 2 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,5 @@
/.vscode
Cargo.lock
**/.#*
**/#*#
**/#*#
**/*~
11 changes: 10 additions & 1 deletion Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -19,12 +19,21 @@ name = "cosmian_cover_crypt"
# The cdylib is only interesting if the `--features ffi` flag is set on build
# This does not seem to be actionable conditionally https://github.com/rust-lang/cargo/issues/4881

[[example]]
name = "encrypt"
required-features = ["serialization"]

[[example]]
name = "decrypt"
required-features = ["serialization"]

[features]
full_bench = []
hybridized_bench = []
serialization = []

[dependencies]
cosmian_crypto_core = { git="https://github.com/Cosmian/crypto_core.git", branch="feat/add_neutral_scalars", default-features = false, features = ["ser", "sha3", "aes", "curve25519"] }
cosmian_crypto_core = { git="https://github.com/Cosmian/crypto_core.git", branch="develop", default-features = false, features = ["ser", "sha3", "aes", "curve25519"] }
pqc_kyber = { version = "0.4", features = ["std", "hazmat"] }
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
Expand Down
45 changes: 20 additions & 25 deletions examples/decrypt.rs
Original file line number Diff line number Diff line change
@@ -1,31 +1,26 @@
fn main() {
#[cfg(feature = "serialization")]
{
use base64::{
alphabet::STANDARD,
engine::{GeneralPurpose, GeneralPurposeConfig},
Engine,
};
use cosmian_cover_crypt::{Covercrypt, EncryptedHeader, UserSecretKey};
use cosmian_crypto_core::bytes_ser_de::Serializable;
const USK: &str = "sUBriVEsM8HowAKOsIs9Y5p+Xa8JwJf84rlBHXzfkg+BJ6PzK79cT37Wsku5pMVKrfi/eIWhufC2pjYNMBOUAgMAH+waKc6AuwtAaYXXUAJA0K/uc5A22nXEShVXykjZ8QIBuNMsBrpSQaW0hAZ0AFvJTlwSM2BgI8m5k4wj3kQQ9NaP4cK6VvwyFlx7ZwwMZkJoCSgfiPvN4XqeWmiw/hehgjU2HkgYDQJf9QABaUoa74qM42SBnNubVVVnPvO5zrZ++NgoIHt4VPJfsMu157i6bakhOEWJy/CduXYGqedOGsNpj+gq0VsanjqeJ9gZ6sKjCknGoTxbEipIrPUO5jqJLzmJilS0ycAhR1mYlGU9yApPithxeIMaQFAAegOUTVFDFausKPbDZ1IYEWyftONyaaelMyJF4eCQIWILEihLuoscwGkVlYmRttcNVrLDW3yHN/cFQgiBSNVOi/RTLSpdsaMtattwDcaEiRUvCxe2gfaCYQV9zPIsdfAG2TIf2MPLcqUu0EBnIohX/TKyOTavt7HB76d/pCWT7sceu/YldifCYUoWABA8GbnF6DurlVwhfYUKhThnchbP3mgsEUsy+vQlWIwvrwxgpgqaabNSwJIUCXttY6kYNjJbL5pkahaAnxYLRMcvvKfGtzwlX7ewINAFrMSUBua8abWzgIa2NWlt2/ON7tKrVIaqRMYs8KFJSSsQ4bGEhZfBjWEYacAho8bFMuqamQgxaJhyj/J+tZrA24A5ckmPSPeGOIKealWkQmy8f0oAPVsOGaQFcBwLMPe4qRl49tpM6kRgpsyOkeQYOdpQ7Rue0xMKR+UhdPJkzYcGoVlAIGRmvSQzamw0kEYYV6yWr7AHiiqPZ/AuS7RcYUzPB0tSZ9BSdJKSX1jGf2aCbPPD8DxQ6VVPqWOekHshGGBOEzqBPhxtpfQB/lhl2KG/XOgUB6Kqs/zF14oLvlBL2XU2fCaj76ydrdOlo5JSSLKU2pkWASMLNGIM5TUqBsi/D4A9lLlqW5dDOik4ujNLbMAl4Yt4HxOe+pGKhFexfwJBgdCB6IBsatK/nWnIMuW9ZZFbUQG7oTOuFMKvurQ2OsyWa9VA06ldDFWIOQyzgydm2pp3XnXKaJElyYMSE1Ef4KRgEqgYA6J8yNIoI0o092y/HUxAoWWc5PesDmeqbbaLFEFdAqJ4gerNbtS1uAQWIsJzHAC2pGgxmLE7WkaD1IQ3fFgTHPOR97EdlbbM5YGa78mUpHqS0NpYQpbHluRUbyJ9uyIcvAxHewmIKIfDKnZ1z+YG/sIccCY+tFlGxBApSym1tgRBREcgkcYUAogq5nsKY5mvhXxICTCU4WtxZLxl17CC6du5pRSH+9hAMvI2C5R/6udvXkaYc0Ki35WsO5QAHlOVLBwbKLfM9xlhPkFf9qkqgKoMfqEJDcOn79QfOVFFqSfDI9Ep7Wl2YMK3r1apC2gw9xmwjBsMkEYLq2lNH4l0OqGpXDpAQCMwyTEOs5XHjWpsgxIvDId3HDu2DCBKYhUavtYHSgHNUeITVraWmhI9ygkBVMJKLfUGIVq/UwQvhzeVFePNhhN59HuWSjCyonWG6iFQeCCb9Dq0z2DNowiOnVdDWIM5g7BRTgSKBBlE/kArtfaDPyCXENUnwOZDpka63VMCNGak45IkSPT5SN7pdkPW9uIQBaAb04uYPbnALTij4xUzLwkAqXQvjNzwE8/0JzoWmWfdf9zdi1jdzpG1ZTqir0h74gc=";

const USK: &str = "sUBriVEsM8HowAKOsIs9Y5p+Xa8JwJf84rlBHXzfkg+BJ6PzK79cT37Wsku5pMVKrfi/eIWhufC2pjYNMBOUAgMAH+waKc6AuwtAaYXXUAJA0K/uc5A22nXEShVXykjZ8QIBuNMsBrpSQaW0hAZ0AFvJTlwSM2BgI8m5k4wj3kQQ9NaP4cK6VvwyFlx7ZwwMZkJoCSgfiPvN4XqeWmiw/hehgjU2HkgYDQJf9QABaUoa74qM42SBnNubVVVnPvO5zrZ++NgoIHt4VPJfsMu157i6bakhOEWJy/CduXYGqedOGsNpj+gq0VsanjqeJ9gZ6sKjCknGoTxbEipIrPUO5jqJLzmJilS0ycAhR1mYlGU9yApPithxeIMaQFAAegOUTVFDFausKPbDZ1IYEWyftONyaaelMyJF4eCQIWILEihLuoscwGkVlYmRttcNVrLDW3yHN/cFQgiBSNVOi/RTLSpdsaMtattwDcaEiRUvCxe2gfaCYQV9zPIsdfAG2TIf2MPLcqUu0EBnIohX/TKyOTavt7HB76d/pCWT7sceu/YldifCYUoWABA8GbnF6DurlVwhfYUKhThnchbP3mgsEUsy+vQlWIwvrwxgpgqaabNSwJIUCXttY6kYNjJbL5pkahaAnxYLRMcvvKfGtzwlX7ewINAFrMSUBua8abWzgIa2NWlt2/ON7tKrVIaqRMYs8KFJSSsQ4bGEhZfBjWEYacAho8bFMuqamQgxaJhyj/J+tZrA24A5ckmPSPeGOIKealWkQmy8f0oAPVsOGaQFcBwLMPe4qRl49tpM6kRgpsyOkeQYOdpQ7Rue0xMKR+UhdPJkzYcGoVlAIGRmvSQzamw0kEYYV6yWr7AHiiqPZ/AuS7RcYUzPB0tSZ9BSdJKSX1jGf2aCbPPD8DxQ6VVPqWOekHshGGBOEzqBPhxtpfQB/lhl2KG/XOgUB6Kqs/zF14oLvlBL2XU2fCaj76ydrdOlo5JSSLKU2pkWASMLNGIM5TUqBsi/D4A9lLlqW5dDOik4ujNLbMAl4Yt4HxOe+pGKhFexfwJBgdCB6IBsatK/nWnIMuW9ZZFbUQG7oTOuFMKvurQ2OsyWa9VA06ldDFWIOQyzgydm2pp3XnXKaJElyYMSE1Ef4KRgEqgYA6J8yNIoI0o092y/HUxAoWWc5PesDmeqbbaLFEFdAqJ4gerNbtS1uAQWIsJzHAC2pGgxmLE7WkaD1IQ3fFgTHPOR97EdlbbM5YGa78mUpHqS0NpYQpbHluRUbyJ9uyIcvAxHewmIKIfDKnZ1z+YG/sIccCY+tFlGxBApSym1tgRBREcgkcYUAogq5nsKY5mvhXxICTCU4WtxZLxl17CC6du5pRSH+9hAMvI2C5R/6udvXkaYc0Ki35WsO5QAHlOVLBwbKLfM9xlhPkFf9qkqgKoMfqEJDcOn79QfOVFFqSfDI9Ep7Wl2YMK3r1apC2gw9xmwjBsMkEYLq2lNH4l0OqGpXDpAQCMwyTEOs5XHjWpsgxIvDId3HDu2DCBKYhUavtYHSgHNUeITVraWmhI9ygkBVMJKLfUGIVq/UwQvhzeVFePNhhN59HuWSjCyonWG6iFQeCCb9Dq0z2DNowiOnVdDWIM5g7BRTgSKBBlE/kArtfaDPyCXENUnwOZDpka63VMCNGak45IkSPT5SN7pdkPW9uIQBaAb04uYPbnALTij4xUzLwkAqXQvjNzwE8/0JzoWmWfdf9zdi1jdzpG1ZTqir0h74gc=";
const HEADER: &str = "dkKN4Ga3BcJyspF5FntqHYwXI/yoUugzqcF0DPCluyUckuqbpXDRgSWdnyh5k0wCNAD6BgOR3WXjjrg6bF/mR/ICzF1XqtqK5Fn0uZ7FgYkBAbjlkpf7VV3M7BrwEB1FIJ2ZhekRLPayJvvTTdE6DY9ddr3IbuzEiMASs2P5nRabJe+p1xLJ9Yp1+8roV6GgWy37m7ysu24nxtKKPiyCIh29zxt4WjG+rJZOS0iJ2ETEjGPG5yyY7LYsOwsp6tQlb/XGmqd91TxjobKOnRceYRV29E1vj/uwzyT8OtRfWVITK1v1ku4knbWPhXFGVdiUpME+QqZIrjulMPI/AKoABa925Eq8h7UM64p91288I5Lq+S8+ysIaJv2nlydxb9BZBg/NeG5YGD+NIKm0EXoDekmbX91rLktO0cgFYEhNm+43BvLLXoyD7iU2bT7dQKNMUxMyoDvhB40aOkTWKJGCFnnrLf+oSxGDkCWTNaWYCJ3qygxjETGdigQzV6bzaGh2f/pjAzRHwKJHgywW4E2BCGrM4BJZvjhl44sZ14HWLofl3hNzLfrdJLFZz7Ua3PxHlidQ+ZsZSOW61G9Xt5vwHYZDtQOMVcX7tyNTNmMoIlghHjm66H8JDtuiduy08VE+7/Bk2anWhljNX2f2a/+hOjMbzqG+zaAtgpppylkvG/WlR1xLohGlLKdAWYRETIrI0oKi8RKFNHdnuPCZRDHlHDjhc273rPvsn7FlolSSTxbjvyTacB7jNwKfxW32eEK82p04GQyVN5uEBQBZUG4heNnoba54ybeU66PbOOclgE+LoblnvE0lqv8VxbCvbM3VVxTJ0rMj8ZshcxEWDv1v8E1JkGeq3QcDK/Ww1wBDuwLhxY8xbKmD40bmS8nGkRTLDuyhtg009oboT4+SL83Dz5WXEBcwO2m8Noor0QgtMjuyCAR92gvNSvewk03Q6X80W5Rd+tvw6HMwnoevpKge56akgXnQPnx76h78jIrEZ8FDZ7g6dlqPf7Lr9PnWQKhVHZwh1CBN0Rbb0ylumpvkiSCV7kF1tqPE89LO31jmYdULuQmMclKRst+SdXWSM7t2J/CeFmTgSiJ896P95imsC3XcWvmJqk+qlBNynP/Azmn775H59UHj21t8z2sFYwYkDfDRyBSxVLW/08nz+9vVy05qmrUqej/Iv4sHHjE3cgLCD+rjPOHssoFdr4ubG441N+1HpvoxFbo0Yk/fNH9JzqQj09eA4Wx6t3fjOWYJ8CESyK7lKBANYrQ5IdYuY3tk/Z3uR/uYff2pKu6xuisLF66FVC80WokFlvCEoYLLJs/q2/16mMo7cqkbhI0SLJgaAK8wIvJUS64Xxb3+SVVPYkeVFywrAb89J0kg6txXIuOfHxGcDZu7QaEPQUos7pwnbZBeXb/Q1RHbEE6cXr1pGB6wU+0gABNzLLTRNHuu2qm33myLkNQRilOyR7EqrDmLwY3ysGE5tmxYH5+zEu7nR/rkozqwpueGmrDMibRRw14kLRCNh6YkqvKsbSg1Tg0EKZe2eLGG0mmgj5jcYqusRcVtAA==";

const HEADER: &str = "dkKN4Ga3BcJyspF5FntqHYwXI/yoUugzqcF0DPCluyUckuqbpXDRgSWdnyh5k0wCNAD6BgOR3WXjjrg6bF/mR/ICzF1XqtqK5Fn0uZ7FgYkBAbjlkpf7VV3M7BrwEB1FIJ2ZhekRLPayJvvTTdE6DY9ddr3IbuzEiMASs2P5nRabJe+p1xLJ9Yp1+8roV6GgWy37m7ysu24nxtKKPiyCIh29zxt4WjG+rJZOS0iJ2ETEjGPG5yyY7LYsOwsp6tQlb/XGmqd91TxjobKOnRceYRV29E1vj/uwzyT8OtRfWVITK1v1ku4knbWPhXFGVdiUpME+QqZIrjulMPI/AKoABa925Eq8h7UM64p91288I5Lq+S8+ysIaJv2nlydxb9BZBg/NeG5YGD+NIKm0EXoDekmbX91rLktO0cgFYEhNm+43BvLLXoyD7iU2bT7dQKNMUxMyoDvhB40aOkTWKJGCFnnrLf+oSxGDkCWTNaWYCJ3qygxjETGdigQzV6bzaGh2f/pjAzRHwKJHgywW4E2BCGrM4BJZvjhl44sZ14HWLofl3hNzLfrdJLFZz7Ua3PxHlidQ+ZsZSOW61G9Xt5vwHYZDtQOMVcX7tyNTNmMoIlghHjm66H8JDtuiduy08VE+7/Bk2anWhljNX2f2a/+hOjMbzqG+zaAtgpppylkvG/WlR1xLohGlLKdAWYRETIrI0oKi8RKFNHdnuPCZRDHlHDjhc273rPvsn7FlolSSTxbjvyTacB7jNwKfxW32eEK82p04GQyVN5uEBQBZUG4heNnoba54ybeU66PbOOclgE+LoblnvE0lqv8VxbCvbM3VVxTJ0rMj8ZshcxEWDv1v8E1JkGeq3QcDK/Ww1wBDuwLhxY8xbKmD40bmS8nGkRTLDuyhtg009oboT4+SL83Dz5WXEBcwO2m8Noor0QgtMjuyCAR92gvNSvewk03Q6X80W5Rd+tvw6HMwnoevpKge56akgXnQPnx76h78jIrEZ8FDZ7g6dlqPf7Lr9PnWQKhVHZwh1CBN0Rbb0ylumpvkiSCV7kF1tqPE89LO31jmYdULuQmMclKRst+SdXWSM7t2J/CeFmTgSiJ896P95imsC3XcWvmJqk+qlBNynP/Azmn775H59UHj21t8z2sFYwYkDfDRyBSxVLW/08nz+9vVy05qmrUqej/Iv4sHHjE3cgLCD+rjPOHssoFdr4ubG441N+1HpvoxFbo0Yk/fNH9JzqQj09eA4Wx6t3fjOWYJ8CESyK7lKBANYrQ5IdYuY3tk/Z3uR/uYff2pKu6xuisLF66FVC80WokFlvCEoYLLJs/q2/16mMo7cqkbhI0SLJgaAK8wIvJUS64Xxb3+SVVPYkeVFywrAb89J0kg6txXIuOfHxGcDZu7QaEPQUos7pwnbZBeXb/Q1RHbEE6cXr1pGB6wU+0gABNzLLTRNHuu2qm33myLkNQRilOyR7EqrDmLwY3ysGE5tmxYH5+zEu7nR/rkozqwpueGmrDMibRRw14kLRCNh6YkqvKsbSg1Tg0EKZe2eLGG0mmgj5jcYqusRcVtAA==";
fn main() {
use base64::{
alphabet::STANDARD,
engine::{GeneralPurpose, GeneralPurposeConfig},
Engine,
};
use cosmian_cover_crypt::{Covercrypt, EncryptedHeader, UserSecretKey};
use cosmian_crypto_core::bytes_ser_de::Serializable;

let config: GeneralPurposeConfig = GeneralPurposeConfig::default();
let transcoder: GeneralPurpose = GeneralPurpose::new(&STANDARD, config);
let config: GeneralPurposeConfig = GeneralPurposeConfig::default();
let transcoder: GeneralPurpose = GeneralPurpose::new(&STANDARD, config);

let cc = Covercrypt::default();
let usk = UserSecretKey::deserialize(&transcoder.decode(USK.as_bytes()).unwrap()).unwrap();
let encrypted_header =
EncryptedHeader::deserialize(&transcoder.decode(HEADER.as_bytes()).unwrap()).unwrap();
for _ in 0..1000 {
encrypted_header
.decrypt(&cc, &usk, None)
.expect("cannot decrypt hybrid header");
}
let cc = Covercrypt::default();
let usk = UserSecretKey::deserialize(&transcoder.decode(USK.as_bytes()).unwrap()).unwrap();
let encrypted_header =
EncryptedHeader::deserialize(&transcoder.decode(HEADER.as_bytes()).unwrap()).unwrap();
for _ in 0..1000 {
encrypted_header
.decrypt(&cc, &usk, None)
.expect("cannot decrypt hybrid header");
}
#[cfg(not(feature = "serialization"))]
println!("Use the `serialization` feature to run this example")
}
117 changes: 51 additions & 66 deletions examples/encrypt.rs
Original file line number Diff line number Diff line change
@@ -1,80 +1,65 @@
fn main() {
// create policy
#[cfg(all(feature = "serialization", feature = "test_utils"))]
use cosmian_cover_crypt::{
abe_policy::{AccessPolicy, Policy},
test_utils::policy,
Covercrypt, EncryptedHeader, MasterPublicKey, MasterSecretKey,
};

/// Generates a new USK and encrypted header and prints them.
fn generate_new(
cc: &Covercrypt,
policy: &Policy,
_msk: &mut MasterSecretKey,
mpk: &MasterPublicKey,
) {
let access_policy =
AccessPolicy::parse("Department::FIN && Security Level::Top Secret").unwrap();

let (_, _header) = EncryptedHeader::generate(cc, policy, mpk, &access_policy, None, None)
.expect("cannot encrypt header");

#[cfg(feature = "serialization")]
{
use base64::{
alphabet::STANDARD,
engine::{GeneralPurpose, GeneralPurposeConfig},
Engine,
};
use cosmian_cover_crypt::{
abe_policy::{AccessPolicy, Policy},
test_utils::policy,
Covercrypt, EncryptedHeader, MasterPublicKey, MasterSecretKey,
};
use cosmian_crypto_core::bytes_ser_de::Serializable;

fn generate_new(
cc: &Covercrypt,
policy: &Policy,
_msk: &MasterSecretKey,
mpk: &MasterPublicKey,
) {
let access_policy = AccessPolicy::from_boolean_expression(
"Department::FIN && Security Level::Top Secret",
use cosmian_crypto_core::bytes_ser_de::Serializable;
let config: GeneralPurposeConfig = GeneralPurposeConfig::default();
let transcoder: GeneralPurpose = GeneralPurpose::new(&STANDARD, config);
println!(
"USK = {}",
transcoder.encode(
cc.generate_user_secret_key(_msk, &access_policy, policy)
.unwrap()
.serialize()
.unwrap()
)
.unwrap();

let (_, _header) =
EncryptedHeader::generate(cc, policy, mpk, &access_policy, None, None)
.expect("cannot encrypt header");

#[cfg(feature = "serialization")]
{
let config: GeneralPurposeConfig = GeneralPurposeConfig::default();
let transcoder: GeneralPurpose = GeneralPurpose::new(&STANDARD, config);

println!(
"usk = {}",
transcoder.encode(
cc.generate_user_secret_key(_msk, &access_policy, policy)
.unwrap()
.serialize()
.unwrap()
)
);
println!(
"header = {}",
transcoder.encode(_header.serialize().unwrap())
);
}
}

let policy = policy().expect("cannot generate policy");
);
println!(
"header = {}",
transcoder.encode(_header.serialize().unwrap())
);
}
}

let cc = Covercrypt::default();
let (_msk, mpk) = cc
.generate_master_keys(&policy)
.expect("cannot generate master keys");
fn main() {
let policy = policy().expect("cannot generate policy");
let ap = AccessPolicy::parse("Department::FIN && Security Level::Top Secret")
.expect("cannot parse given access policy");

// Encryption of a hybridized ciphertext
let access_policy =
AccessPolicy::from_boolean_expression("Department::FIN && Security Level::Top Secret")
.unwrap();
let cc = Covercrypt::default();
let (mut msk, _) = cc.setup().expect("cannot generate master keys");
let mpk = cc
.update_master_keys(&policy, &mut msk)
.expect("cannot update master keys");

//
// Use the following to update `examples/decrypt.rs` constants.
//
generate_new(&cc, &policy, &_msk, &mpk);
generate_new(&cc, &policy, &mut msk, &mpk);

// encrypt header, use loop to add weight in the flamegraph on it
for _ in 0..1000 {
let _encrypted_header =
EncryptedHeader::generate(&cc, &policy, &mpk, &access_policy, None, None)
.expect("cannot encrypt header");
}
// Encrypt header, use loop to increase its wight in the flame graph.
for _ in 0..1000 {
EncryptedHeader::generate(&cc, &policy, &mpk, &ap, None, None)
.expect("cannot encrypt header");
}

#[cfg(not(all(feature = "test_utils", feature = "serialization")))]
println!("Use the `serialization` feature to run this example")
}
32 changes: 23 additions & 9 deletions src/abe_policy/partitions.rs → src/abe_policy/coordinates.rs
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
use std::{hash::Hash, ops::Deref};

use cosmian_crypto_core::bytes_ser_de::Serializer;
use cosmian_crypto_core::bytes_ser_de::{to_leb128_len, Serializable, Serializer};

use crate::Error;

Expand Down Expand Up @@ -56,12 +56,10 @@ impl Coordinate {
// guard against overflow of the 1024 bytes buffer below
if attribute_ids.len() > 200 {
return Err(Error::InvalidAttribute(
"The current implementation does not currently support more than 200 attributes \
for a partition"
.to_string(),
"The current implementation does not currently support more than 200 attributes for a coordinate".to_string(),
));
}
// the sort operation allows to get the same `Partition` for :
// the sort operation allows to get the same `Coordinate` for :
// `Department::HR && Level::Secret`
// and
// `Level::Secret && Department::HR`
Expand Down Expand Up @@ -95,6 +93,23 @@ impl From<&[u8]> for Coordinate {
}
}

impl Serializable for Coordinate {
type Error = Error;

fn length(&self) -> usize {
to_leb128_len(self.len()) + self.len()
}

fn write(&self, ser: &mut Serializer) -> Result<usize, Self::Error> {
ser.write_vec(self).map_err(Self::Error::from)
}

fn read(de: &mut cosmian_crypto_core::bytes_ser_de::Deserializer) -> Result<Self, Self::Error> {
let bytes = de.read_vec()?;
Ok(Self(bytes))
}
}

#[cfg(test)]
mod tests {
use cosmian_crypto_core::{bytes_ser_de::Deserializer, reexport::rand_core::CryptoRngCore};
Expand All @@ -110,12 +125,11 @@ mod tests {
}

#[test]
fn test_partitions() -> Result<(), Error> {
fn test_coordinates() -> Result<(), Error> {
let mut values: Vec<u32> = vec![12, 0, u32::MAX, 1];
let partition = Coordinate::from_attribute_ids(values.clone())?;
// values are sorted n Partition
let coordinate = Coordinate::from_attribute_ids(values.clone())?;
values.sort_unstable();
let mut de = Deserializer::new(&partition);
let mut de = Deserializer::new(&coordinate);
for v in values {
let val = de.read_leb128_u64().unwrap() as u32;
assert_eq!(v, val);
Expand Down
4 changes: 2 additions & 2 deletions src/abe_policy/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -9,15 +9,15 @@
mod access_policy;
mod attribute;
mod coordinates;
mod dimension;
mod partitions;
mod policy;
mod policy_versions;

pub use access_policy::AccessPolicy;
pub use attribute::{Attribute, AttributeStatus, Attributes, EncryptionHint};
pub use coordinates::Coordinate;
pub use dimension::{AttributeParameters, Dimension, DimensionBuilder};
pub use partitions::Coordinate;
pub use policy_versions::{LegacyPolicy, PolicyV1, PolicyV2 as Policy};
use serde::{Deserialize, Serialize};

Expand Down
4 changes: 2 additions & 2 deletions src/abe_policy/policy_versions.rs
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,8 @@ pub struct PolicyV2 {
/// Version number
pub(crate) version: PolicyVersion,
/// Last value taken by the attribute.
/// TODO: after some mutations, this counter will become very high, which implies the size of
/// the partitions will become huge (d * log_2(id) * 8/7).
/// TODO: after some mutations, this counter will become very high, which
/// implies the size of the coordinates will become huge (d * log_2(id) * 8/7).
pub(crate) last_attribute_value: u32,

/// Policy axes: maps axes name to the list of associated attribute names
Expand Down
21 changes: 18 additions & 3 deletions src/core/api.rs
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
//! Defines the `Covercrypt` API.
use std::{fmt::Debug, sync::Mutex};
use std::{collections::HashMap, fmt::Debug, sync::Mutex};

use cosmian_crypto_core::{
reexport::rand_core::SeedableRng, Aes256Gcm, CsRng, Dem, FixedSizeCBytes, Instantiable, Nonce,
Expand All @@ -12,7 +12,7 @@ use super::{
MIN_TRACING_LEVEL,
};
use crate::{
abe_policy::{AccessPolicy, Policy},
abe_policy::{AccessPolicy, AttributeStatus, Coordinate, EncryptionHint, Policy},
core::{
primitives::{decaps, encaps, refresh, rekey, setup},
Encapsulation, MasterPublicKey, MasterSecretKey, UserSecretKey, SEED_LENGTH,
Expand Down Expand Up @@ -47,11 +47,26 @@ impl Covercrypt {
/// They only hold keys for the origin coordinate: only broadcast
/// encapsulations can be created.
pub fn setup(&self) -> Result<(MasterSecretKey, MasterPublicKey), Error> {
let msk = setup(
let mut msk = setup(
&mut *self.rng.lock().expect("Mutex lock failed!"),
MIN_TRACING_LEVEL,
)?;

// Add broadcast coordinate with classic encryption level.
//
// TODO replace this function by `add_coordinates`,
// `remove_coordinates`, `hybridize_coordinates` and
// `deprecate_coordinates`.
update_coordinate_keys(
&mut *self.rng.lock().expect("Mutex lock failed!"),
&mut msk,
HashMap::from_iter([(
Coordinate::from_attribute_ids(vec![])?,
(EncryptionHint::Classic, AttributeStatus::EncryptDecrypt),
)]),
)?;
let mpk = mpk_keygen(&msk)?;

Ok((msk, mpk))
}

Expand Down
Loading

0 comments on commit 53bfe7b

Please sign in to comment.